gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital Open in urlscan Pro
35.203.21.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Effective URL:
https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Submission: On February 19 via api (February 19th 2022, 10:38:34 pm UTC) from CA — Scanned from CA

Summary HTTP 139 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 42 IPs in 3 countries across 33 domains to perform 139 HTTP transactions. The main IP is 35.203.21.171, located in Montreal, Canada and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital.
TLS certificate: Issued by R3 on February 19th 2022. Valid for: 3 months.

This is the only time gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.203.21.171 35.203.21.171	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 10	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
13	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.61.46 52.85.61.46	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:c0b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:49e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.61.107 52.85.61.107	16509 (AMAZON-02) (AMAZON-02)
1	52.85.61.36 52.85.61.36	16509 (AMAZON-02) (AMAZON-02)
5	13.225.230.46 13.225.230.46	16509 (AMAZON-02) (AMAZON-02)
13	34.149.157.221 34.149.157.221	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80b::2010	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:220... 2600:9000:2209:c000:8:f216:eb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2 5	52.85.61.125 52.85.61.125	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
6	34.197.191.32 34.197.191.32	14618 (AMAZON-AES) (AMAZON-AES)
4	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	2600:141b:13:... 2600:141b:13::17d7:82d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.24 108.174.10.24	14413 (LINKEDIN) (LINKEDIN)
1 2	104.18.100.194 104.18.100.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
2 2	207.198.113.169 207.198.113.169	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:ae80:145... 2606:ae80:1451:19::1370	25751 (VALUECLICK) (VALUECLICK)
2	35.231.227.177 35.231.227.177	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2600:9000:220... 2600:9000:2209:6600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	34.208.15.181 34.208.15.181	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.111.154 142.250.111.154	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2209:2e00:7:75d4:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
139	42

2 35.203.21.171 (Montreal, Canada) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 171.21.203.35.bc.googleusercontent.com

gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.40.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-46.ewr53.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:c0b6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)

auth.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-107.ewr53.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-36.ewr53.r.cloudfront.net

fem.prod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.230.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-46.jfk51.r.cloudfront.net

smartcdn.prod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com

smartcdn.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80b::2010 (Queens, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:807::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:c000:8:f216:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d395dw5zk780j2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.85.61.125 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-125.ewr53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.197.191.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-191-32.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)

498fe6241f07fc18af643b43fa9709ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.24 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-24.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.100.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2004 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.169 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:19::1370 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

districtm-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.231.227.177 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 177.227.231.35.bc.googleusercontent.com

dmx.us-east-33.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2209:6600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.208.15.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-15-181.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: gb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:2e00:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.ribn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3336 pixel.adsafeprotected.com — Cisco Umbrella Rank: 519 static.adsafeprotected.com — Cisco Umbrella Rank: 502 dt.adsafeprotected.com — Cisco Umbrella Rank: 465	200 KB
21	postmedia.digital 1 redirects gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital fem.prod.postmedia.digital — Cisco Umbrella Rank: 86165 smartcdn.prod.postmedia.digital — Cisco Umbrella Rank: 178808 smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 68899	461 KB
15	districtm.io hb.districtm.io — Cisco Umbrella Rank: 70016 cdn.districtm.io — Cisco Umbrella Rank: 1644 dmx.districtm.io — Cisco Umbrella Rank: 1164 dmx.us-east-33.districtm.io — Cisco Umbrella Rank: 14113	18 KB
13	googlesyndication.com 498fe6241f07fc18af643b43fa9709ab.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	219 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 storage.googleapis.com — Cisco Umbrella Rank: 411	181 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 bid.g.doubleclick.net — Cisco Umbrella Rank: 448	178 KB
6	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5051 identity.mparticle.com — Cisco Umbrella Rank: 2515 jssdks.mparticle.com — Cisco Umbrella Rank: 4790	48 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	4 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	3 KB
5	gstatic.com fonts.gstatic.com	108 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	2 KB
3	google.ca adservice.google.ca — Cisco Umbrella Rank: 12901 www.google.ca — Cisco Umbrella Rank: 8810	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	425 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	76 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	587 B
2	dotomi.com 2 redirects districtm-match.dotomi.com — Cisco Umbrella Rank: 6427	685 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 269	624 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 542	808 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 497	539 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 2482	475 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	115 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	16 KB
2	cloudfront.net d395dw5zk780j2.cloudfront.net	13 KB
1	ribn.com assets.ribn.com — Cisco Umbrella Rank: 44469	4 KB
1	t.co t.co — Cisco Umbrella Rank: 456	337 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	457 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	111 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 2571	43 KB
1	lrcontent.com auth.lrcontent.com — Cisco Umbrella Rank: 37875	47 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 4023	3 KB
139	33

	Domain	Requested by
13	dt.adsafeprotected.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
13	smartcdn.gprod.postmedia.digital	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
11	storage.googleapis.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital storage.googleapis.com
10	dmx.districtm.io	hb.districtm.io cdn.districtm.io gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
8	securepubads.g.doubleclick.net	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital securepubads.g.doubleclick.net www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	pixel.adsafeprotected.com	cdn.adsafeprotected.com gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	sb.scorecardresearch.com	2 redirects fem.prod.postmedia.digital gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
5	fonts.gstatic.com	fonts.googleapis.com
5	smartcdn.prod.postmedia.digital	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
4	static.adsafeprotected.com	pixel.adsafeprotected.com gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
4	www.google.com	1 redirects gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital securepubads.g.doubleclick.net tpc.googlesyndication.com
4	identity.mparticle.com	jssdkcdns.mparticle.com
3	x.bidswitch.net	3 redirects
3	px.ads.linkedin.com	3 redirects
2	www.facebook.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	dmx.us-east-33.districtm.io	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
2	districtm-match.dotomi.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	www.google.ca	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
2	p.adsymptotic.com	1 redirects gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	connect.facebook.net	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	cdn.districtm.io	hb.districtm.io cdn.districtm.io
2	d395dw5zk780j2.cloudfront.net	fem.prod.postmedia.digital d395dw5zk780j2.cloudfront.net
2	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital	1 redirects
1	jssdks.mparticle.com	jssdkcdns.mparticle.com
1	assets.ribn.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	bid.g.doubleclick.net	www.googleadservices.com
1	cm.g.doubleclick.net	1 redirects
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	t.co	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	analytics.twitter.com	static.ads-twitter.com
1	498fe6241f07fc18af643b43fa9709ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ca	securepubads.g.doubleclick.net
1	static.ads-twitter.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	jssdkcdns.mparticle.com	fem.prod.postmedia.digital
1	www.googletagmanager.com	fem.prod.postmedia.digital
1	fem.prod.postmedia.digital	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	ak.sail-horizon.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	auth.lrcontent.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	www.npttech.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	fonts.googleapis.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	cdn.adsafeprotected.com	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
1	hb.districtm.io	gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
139	54

This site contains links to these domains. Also see Links.

Domain
www.pbycapital.com
financialpost.com
twitter.com
www.linkedin.com
www.postmediasolutions.com
adregistry.postmedia.com
www.postmedia.com

Subject Issuer	Validity	Valid
gcp-rc-912-driving.gstage.postmedia.digital R3	`2022-02-19` - `2022-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
ak.sail-horizon.com Amazon	`2022-01-06` - `2023-02-02`	a year	crt.sh
fem.prod.postmedia.digital Amazon	`2021-11-08` - `2022-12-06`	a year	crt.sh
*.prod.postmedia.digital Amazon	`2022-01-15` - `2023-02-13`	a year	crt.sh
smartcdn.gprod.postmedia.digital GTS CA 1D4	`2022-02-12` - `2022-05-13`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2021-07-07` - `2022-08-08`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-29` - `2022-02-27`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.google.ca GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
api.sail-personalize.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.ribn.com Amazon	`2021-09-20` - `2022-10-19`	a year	crt.sh
jssdks.mparticle.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Frame ID: D5837989362F08EE95A4E5F0DD4C0A5F
Requests: 96 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v52.0/xd.html
Frame ID: 027F55C4A1DBBF5E3C053904DBBFDCF8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: DE8E711CDEAE95FCF0E25D052947F3C1
Requests: 10 HTTP requests in this frame

Frame: https://498fe6241f07fc18af643b43fa9709ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CBD694023599A3A9FA611315714013F2
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5076699831&chanId=22429240359&placementId=5850747974&pubCreative=138368903865&pubOrder=2918147269&cb=1807352370&custom=index&custom2=1&adsafe_par&impId=a78c32f6-91d4-11ec-8dcf-0267213192c3
Frame ID: 1C59B7E77D5A8859A796481971DA1C16
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE8Cb_MtEyTAwLB6PcSbFweH56dEQRyo2keepEzjEBqer06Qf_Ih6Q4JbTfeW_yDrkeR7aB3nQ9KNAG5ELQjnUEt65kyHko3u_G--s5pPUvIWiuzFkbNTvtqb2ljkPo_J7xzi_2Q6TITQVIglcS-SR7UBi4DCzz5fBVYOojWsgEIk5syEb6rO5jLLweQDJKPsLSd4_TS31B5WrOgErM9q8TmXiX130Co7KWxhff8exhP2TMSIZ6W-pXpd9axER8OmWK-i05gcsKXIqbgP3zc1BC54vDK4OskaZBSZNJCE4nGoDk_iHepD_GpZMJGnGYaAuiA3fsp4fOWCHv82zn7XIDuEIvALFZVOkY84ynQ&sai=AMfl-YS6Q84qdaH5g7YImcQxFPjCsjcq3yTRBgT_DoYQlyquJxBaxiL_NR2VS2VYQMcbOPT_tTxn6ATVs7KopWM-2xOznRNIv2e-Rkw3u6txCi4MetuUqnxNUhe7tjD7UTV-&sig=Cg0ArKJSzDBx-BBLUHSFEAE&uach_m=[UACH]&adurl=
Frame ID: 9C14B3829526CFD9E16FB4C11E3D9861
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372041564&pubOrder=2918923800&cb=15112581&custom=index&custom2=2&adsafe_par&impId=a78c32f7-91d4-11ec-8dcf-0267213192c3
Frame ID: E8510B6AED2FC713839CC7ED8804D72C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXjWhW3_MzE_TIPW4Cxn0gyt1BAq1P0D-XYOj8fQHZZudHcwQPbFs7qym21HrH2cy9XmZkVMO6hktkdoABdARz-MCOO93JS9nO18cfXs5iarMEC9v-ifA8oXrj-SzcYv6YO0XD94VNwaxoq2NGQryTb_O1TShs1gizDKmnyZBXdMncoRPx8B-NalRQBM1FS7u5MukysS7GyX4h68oCC3m9WwABektgPq4fpYcBCoRz_IVCoc-EkgtL5cxw8jXJnPKWv88wcDuaxnOJIypiZTchIstQga8kaomcbmJq9SVsnbhGxliWh2YGja9Yf91eqtlePBN7EJnHIH_U5tw-dqh-iFEe7jFOSKBZAnFWWw&sai=AMfl-YRJ0_Z-0WjuVwutjbFKLgplTIFwVYlssCOheOoZXgeyKUUtzHDK2Bzq792HBL3X8nMxL1dZkdhnpV4l3adZ72zj2eTdUTse7UzVcdxDTEwYn2Bd-upbOi-ywIDRfX-s&sig=Cg0ArKJSzG_32t4_BRSSEAE&uach_m=[UACH]&adurl=
Frame ID: 886236A09E4A98F8F2385076AAD9C829
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: BE44A4657B5472FC89ECEA04C75A50CF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 255852B92A74036151B9485261F2F997
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0117DF4499D86AF68BCFFCAE355F5BA9
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 1B5FD47E411FED2ABAC26A3838043DDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8B1CECCE1B70FFB930CA91FD02E81D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F555AA796A1D0952F348C4C66055F5FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Canadian Family OfficesCanadian Family Offices

Page URL History Show full URLs

http://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/ HTTP 308
https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

139
Requests

93 %
HTTPS

49 %
IPv6

33
Domains

54
Subdomains

42
IPs

3
Countries

1856 kB
Transfer

4985 kB
Size

34
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pbycapital.com/
Title: PBY Capital

Search URL Search Domain Scan URL

URL: https://financialpost.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/CFObyPostmedia

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/canadianfamilyoffices

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/ HTTP 308
https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1645310307308&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645310307308&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&c9=

Request Chain 77

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1645310307653%26url%3Dhttps%253A%252F%252Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQJjAI9NRNXXjwAAAX8UIu5ffanmgjOet4hOLrATByw5LHVKdWYoftzipaGfFGvd0idqtlT4 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=79d43ca4-f699-4c1a-ae12-e892b2cd9922 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=79d43ca4-f699-4c1a-ae12-e892b2cd9922&_expected_cookie=42053782be257f5ac888d1de4ba88c06

Request Chain 80

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=541862104.1645310307&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Y3ERYpTNJ5itNa7EoLAP&sscte=1&crd=&eitems=ChAIgMfCkAYQ1M-hkIf_5a5YEh0AvnXNK5mOoQBTLDVzZDI1xTa2wXkhAJbeNfe8pw HTTP 302
https://www.google.com/pagead/1p-conversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=541862104.1645310307&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Y3ERYpTNJ5itNa7EoLAP&cid=CAQSKQCNIrLMCnMdjVEJ9I47N74rPl4SFTGgSMUOjgtC_rV5YILsZ4xRb4K3&eitems=ChAIgMfCkAYQ1M-hkIf_5a5YEh0AvnXNKw1jH7LI8wdoU4bwRlfrvXyc5Wn8ptQGJA&random=538287160&resp=GooglemKTybQhCsO HTTP 302
https://www.google.ca/pagead/1p-conversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=541862104.1645310307&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Y3ERYpTNJ5itNa7EoLAP&cid=CAQSKQCNIrLMCnMdjVEJ9I47N74rPl4SFTGgSMUOjgtC_rV5YILsZ4xRb4K3&eitems=ChAIgMfCkAYQ1M-hkIf_5a5YEh0AvnXNKw1jH7LI8wdoU4bwRlfrvXyc5Wn8ptQGJA&random=538287160&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 81

https://x.bidswitch.net/sync?ssp=districtm&user_id=25LdTTpxNLMFH0aeKD1itnBFtYx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=25LdTTpxNLMFH0aeKD1itnBFtYx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=68ecef2c-1159-499e-9d77-e4fb9c19cef1&google_hm=NjhlY2VmMmMtMTE1OS00OTllLTlkNzctZTRmYjljMTljZWYx HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELgbMGzwORZLsS0q9-ugNDk&google_cver=1&ssp=districtm&bsw_param=68ecef2c-1159-499e-9d77-e4fb9c19cef1 HTTP 302
https://dmx.districtm.io/s/10009/68ecef2c-1159-499e-9d77-e4fb9c19cef1

Request Chain 82

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
https://dmx.districtm.io/s/10001/f8a9fd3c-c3c7-4c23-93a5-1b928432d5ed-62117163-4341

Request Chain 83

https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true HTTP 302
https://dmx.districtm.io/s/10057/y-UEjNOEJE2uHAYJmdpNDn8I2ysczzqiHDOMMvbuw-~A

Request Chain 84

https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&rurl=//dmx.us-east-33.districtm.io/s/10007/ HTTP 302
https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=321cdb376a74121a&is_secure=true&version=1&networkId=33921&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&rurl=%2F%2Fdmx.us-east-33.districtm.io%2Fs%2F10007%2F HTTP 302
https://dmx.us-east-33.districtm.io/s/10007/AAAGbw-QAjKEwgN0TcbYAAAAAAA&expiration=1645396707&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&is_secure=true

Request Chain 85

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YhFxYwAHbUZwAQAy HTTP 302
https://dmx.us-east-33.districtm.io/s/10016/YhFxYwAHbUZwAQAy&_test=YhFxYwAHbUZwAQAy

Request Chain 122

https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

139 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Redirect Chain

http://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

482 KB
68 KB

14274ms
14248ms

Document
text/html

35.203.21.171
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.203.21.171 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

171.21.203.35.bc.googleusercontent.com

Software

Resource Hash

c34a8a0b65cf59296a14ec02e7623cceb0c63b85ab93de38758c6390ce451e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Sat, 19 Feb 2022 22:38:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding user-agent
expires: Sat, 19 Feb 2022 22:43:25 GMT
cache-control: max-age=300
x-frame-options: SAMEORIGIN
x-pmd-backend: cheetah-nginx
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

Date: Sat, 19 Feb 2022 22:38:12 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
27 KB 122ms
58ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

a98e42e3eb993cc80c926236bbdcbfbd4c531f23bc794d51c0f09c74a526f746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27502
x-xss-protection: 0
server: sffe
etag: "1137 / 764 of 1000 / last-modified: 1645225517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Feb 2022 22:38:26 GMT

GET
H2 200 all.postmedia.js Show response
hb.districtm.io/prod/100549/ 36 KB
13 KB 107ms
45ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:26 GMT
via: 1.1 3500217a9615be8281152e7c88016d27.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 604
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 10 Dec 2020 10:37:54 GMT
server: cloudflare
etag: W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
x-amz-cf-pop: YTO50-C3
cf-ray: 6e02fc4919a3cacc-YYZ
x-amz-cf-id: oMLzit6jFwj77cuISbncmYKu6Otu__klaSHlOdizxtKrKjCVudcWUg==
expires: Sun, 20 Feb 2022 10:38:26 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 58ms
21ms Script
application/javascript 52.85.61.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-46.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:55:56 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 103351
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 978d7ccfdbed8c0e3015142e29dd5c5c.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: EWR53-P1
X-Amz-Cf-Id: uKmS_t-xNpDdY7nUc8wNs1HzhNn1Ce_4UZGUCpHIHo6vnbyuFabwRA==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 98ms
35ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1dd1a6a145e1ea2750d60fd2f3de8e823197e98eba48ce407bf5bc471e4ba3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 22:38:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Feb 2022 22:38:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Feb 2022 22:38:26 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 49ms
21ms Script
application/javascript 2606:4700:3032::ac43:c0b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3302
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JNMEQGQ9NJ9E6X1S
x-amz-id-2: fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MAPD3NlltEcj%2BTtRNMZsGv4kN7ToYyU0i%2F%2Fad1UYu0bettVYVMG5%2B3%2F1xbzFfj3EuFxE%2Bvlhgxftc%2FKOZOYhEGVtz0xq4J1H3x1U%2Bf96eCeh9DebiROrJcwjFupZ1LvOjaFKt2t1xqFuXP2qpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6e02fc498c5d7136-YUL

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/js/ 199 KB
47 KB 50ms
23ms Script
application/javascript 2606:4700:10::6816:49e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/js/LoginRadiusV2.js

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:26 GMT
via: 1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 4020
cf-polished: origSize=1238069
x-cache: Miss from cloudfront
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:19:58 GMT
server: cloudflare
etag: W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: EWR52-C3
cf-ray: 6e02fc48ed1e4bcb-YUL
x-amz-cf-id: UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj: minify

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 76ms
21ms Script
application/javascript 52.85.61.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-107.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:29:36 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 04:22:34 GMT
server: AmazonS3
age: 531
etag: W/"b22b4f4738e8722be1636447be239da2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: YDNIhWyyDDu-RkAE80zIhhjkY034HIFvT_5T7CY-eYLurcwp1K323w==

GET
H2 200 fem.js Show response
fem.prod.postmedia.digital/v52.0/ 263 KB
79 KB 166ms
111ms Script
application/javascript 52.85.61.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.prod.postmedia.digital/v52.0/fem.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-36.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fedd8fffa3ac78628ee74a3fd6896f3142cefd6425040d8c2ad6ea0f9177243

Request headers

Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:15:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: W/"3b9826d6947c2ef3dca393d367144498"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
x-amz-cf-id: 3cLYks6NyY3CZJspakwSDeZu6DwswwQ3TASc184FXFAQwKEY9lHw6w==
via: 1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)

GET
H2 200 MicrosoftTeams-image-1.png
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/ 7 KB
7 KB 127ms
29ms Image
image/webp 13.225.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/MicrosoftTeams-image-1.png
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-46.jfk51.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 7fb0c7ff737b4e24b5779966ab33cf471e3902f26e598e3f4e8ea365c370aff9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Thu, 24 Jun 2021 18:26:02 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
server: nginx/1.19.10
age: 20751144
etag: "a25ac1ee0b9191ef57801138f8c77e081f5450c3"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-amz-cf-pop: JFK51-C1
x-pmd-smart-cdn-proxy: 93319da2bf59
content-length: 6864
x-amz-cf-id: r5LLj6kROVK0q3Qcizu9-2OUYP9_qmyMnzvvSLA05mrgwDLBAK8n3g==
expires: Fri, 24 Jun 2022 18:26:02 GMT

GET
H2 200 GettyImages-1326463734-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 29 KB
29 KB 99ms
73ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/GettyImages-1326463734-WEB.jpg?quality=90&strip=all&w=466&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: f941ce73be54798e5c2a4893eac30dbd212622fe0dfbe1e7442ce8f780e04b6a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:26 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "4a48c974dafb8e12f708bece544bec659dfe33d8"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-9g44k
alt-svc: clear
content-length: 29828

GET
H2 200 Tom-McCullough-large-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 6 KB
7 KB 38ms
12ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/Tom-McCullough-large-cropped.jpg?quality=90&strip=all&w=150&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: ca244cabb27e7317838760459ff01cc03db11aaaaa4eb97b2a816211deaac16b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Fri, 18 Feb 2022 21:31:06 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 90440
etag: "e6fd7353dce03ba996b80ae84473d441db0780cc"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-85q8c
alt-svc: clear
content-length: 6432

GET
H2 200 bigred-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 7 KB
7 KB 1493ms
1468ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/bigred-cropped.jpg?quality=90&strip=all&w=150&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: dad3f4c8cc703adefb2b159c92b455aa4b53b541168c384e630456aabfe7dac6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:28 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "8e448d5dd0f83fe99dfef5d18d2107960c6ed39e"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-cgvtp
alt-svc: clear
content-length: 7520

GET
H2 200 Quebec-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 8 KB
8 KB 593ms
568ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/Quebec-cropped.jpg?quality=90&strip=all&w=150&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 14b2941f828287cedba9021f40e5ffd7134bc81a7fa9f8c95babbfed79eee414

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "ffcbaf2c3be02b39d047caa475f17387208b1cde"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-bswfp
alt-svc: clear
content-length: 8482

GET
H2 200 GettyImages-876353660-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 9 KB
10 KB 94ms
69ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/GettyImages-876353660-WEB.jpg?quality=90&strip=all&w=150&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 0762b8d5ce51c6b44f2ccdbf2a1fdea015089b0e141d1c3c825ae462acc5c065

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:26 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "834920c4f7b96efa5bf2e5cab82289a673b6adef"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-cgvtp
alt-svc: clear
content-length: 9714

GET
H2 200 1-Lysander-SmallLogo.jpg
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/ 4 KB
4 KB 127ms
31ms Image
image/webp 13.225.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/1-Lysander-SmallLogo.jpg
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-46.jfk51.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 547bd68f3066013a77c5a66650f55040f12d51875a76d616d47fffa68b35188e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Thu, 02 Dec 2021 14:46:33 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
server: nginx/1.19.10
age: 6853913
etag: "301354a762fdb89ea2a1adf23e5b8c5ddd3f53cb"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-amz-cf-pop: JFK51-C1
x-pmd-smart-cdn-proxy: ac623d914542
content-length: 4036
x-amz-cf-id: 07cClqSNOKCxAeBM5pBO7Kezb5VzWPEx7z0S2qpxiJiEOfSzXZhNMA==
expires: Fri, 02 Dec 2022 14:46:33 GMT

GET
H2 200 1-Canso-SmallLogo.jpg
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/ 4 KB
4 KB 126ms
30ms Image
image/webp 13.225.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/1-Canso-SmallLogo.jpg
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-46.jfk51.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 454f5fb30eb58ad26082a91cb6e22b58636a04e0dadf8c556c37a9502c1d9d01

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Mon, 25 Oct 2021 14:42:29 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
server: nginx/1.19.10
age: 10137357
etag: "6dc85c45ed7e9d0a1a0cf7a09061ec51d2e09855"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-amz-cf-pop: JFK51-C1
x-pmd-smart-cdn-proxy: 9a9e41e52395
content-length: 4046
x-amz-cf-id: 1mQaf7eE-PUf7Qa3gXJGqowmO9dKpA3t8kZzy4gt65GrkeXxO89ycA==
expires: Tue, 25 Oct 2022 14:42:29 GMT

GET
H2 200 1-PBY-SmallLogo.jpg
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/ 4 KB
4 KB 127ms
32ms Image
image/webp 13.225.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/1-PBY-SmallLogo.jpg
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-46.jfk51.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 065cc6236a7bc9dd6f1234f05781416f8c614de7a4b0560d928d99756b411d7a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Mon, 18 Oct 2021 15:57:40 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
server: nginx/1.19.10
age: 10737646
etag: "549ad4099b6b546ca1e6615ee63fab7db81e3d0c"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-amz-cf-pop: JFK51-C1
x-pmd-smart-cdn-proxy: f919bb558cd9
content-length: 4044
x-amz-cf-id: mPbXnCV5KNwn84oLRx00I-HZJgCrsIEnhALNhP_zQXPhCIr41Lp7gA==
expires: Tue, 18 Oct 2022 15:57:40 GMT

GET
H2 200 icon-soc-tw.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/images/share-icons/ 2 KB
2 KB 70ms
20ms Image
image/svg+xml 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/images/share-icons/icon-soc-tw.svg
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:10 GMT
age: 16
x-guploader-uploadid: ADPycduV8qDQ5s16tHV7Kl9GcsIzq6o_v5e7EixvsiPzPbE8Y6atgcBcLztbq8BjzQGyoFcwm_HH-MWVE2LhMOW7H9I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1698
last-modified: Wed, 22 Dec 2021 14:49:49 GMT
server: UploadServer
etag: "df82c342c1176b84253c53e6e10eed05"
x-goog-hash: crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
x-goog-generation: 1640184589516718
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 1698
accept-ranges: bytes
content-type: image/svg+xml
expires: Sun, 19 Feb 2023 22:38:10 GMT

GET
H2 200 icon-soc-li.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/images/share-icons/ 739 B
1018 B 182ms
142ms Image
image/svg+xml 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/images/share-icons/icon-soc-li.svg
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:26 GMT
x-guploader-uploadid: ADPycdvIVB8KR_cgLhmByzbZbOSCdvyZp83Lguv_yg-aUCP0F47kFy-C-1it8ayUA2vIRVAvfAYEJKZM6u7Jo7my1-o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 739
last-modified: Wed, 22 Dec 2021 14:49:44 GMT
server: UploadServer
etag: "071e5c7f2df5f3dc2b856b2576752f1c"
x-goog-hash: crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
x-goog-generation: 1640184584715829
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 739
accept-ranges: bytes
content-type: image/svg+xml
expires: Sun, 19 Feb 2023 22:38:26 GMT

GET
H2 200 shared.faed02a1ee7a.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/ 24 KB
24 KB 67ms
21ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/shared.faed02a1ee7a.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: faed02a1ee7adf588b64ff3f041802b0bc57333704589e65c426012cddabb22c

Request headers

Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:10 GMT
age: 16
x-guploader-uploadid: ADPycdumyo-G0XzZcyG-BAQyp_YDa_7BcxJ923Q5SH1XPOZ1a21q_i7sC3cBr7PXXOV_ITM0htOdC5fubcRWxEIDqg8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24147
last-modified: Wed, 22 Dec 2021 14:54:35 GMT
server: UploadServer
etag: "4d2f0d0cc9938a7ebc83f7a9599dce3c"
x-goog-hash: crc32c=J1808Q==, md5=TS8NDMmTin68g/epWZ3OPA==
x-goog-generation: 1640184875959747
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=31536000
x-goog-stored-content-length: 24147
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:10 GMT

GET
H2 200 main.aebf0e0d15c0.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/ 94 KB
94 KB 85ms
39ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/main.aebf0e0d15c0.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: aebf0e0d15c0130fbe1375e3d5daff30441efea4c2545cc9f69cea6c13bab3a9

Request headers

Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:10 GMT
age: 16
x-guploader-uploadid: ADPycdthlilfu9juDc4gJnp5nLBjlzq07eH0CM2M4XIeYvfJkLs7kKgleZ3yXN2M72P1I0x6WIWphi9B1-fh6-Ot_Dw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95926
last-modified: Wed, 22 Dec 2021 14:54:36 GMT
server: UploadServer
etag: "d8bcb4bf84312d335f8ae32bda554e4b"
x-goog-hash: crc32c=qYBBxg==, md5=2Ly0v4QxLTNfiuMr2lVOSw==
x-goog-generation: 1640184876227155
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=31536000
x-goog-stored-content-length: 95926
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 70ms
21ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:28:42 GMT
x-content-type-options: nosniff
age: 162584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 01:28:42 GMT

GET
H2 200 j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2
fonts.gstatic.com/s/frankruhllibre/v10/ 20 KB
20 KB 89ms
41ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v10/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1ef95b3042a40188772fba913faf3582345ea35868a2340b9f0ea1954f2c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 00:13:48 GMT
x-content-type-options: nosniff
age: 253478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20468
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:04:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Feb 2023 00:13:48 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 37 KB
37 KB 104ms
57ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:21:37 GMT
x-content-type-options: nosniff
age: 368209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 16:21:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 75ms
27ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:23:56 GMT
x-content-type-options: nosniff
age: 368070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 16:23:56 GMT

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v10/ 20 KB
20 KB 96ms
49ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v10/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 00:14:07 GMT
x-content-type-options: nosniff
age: 253459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20072
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Feb 2023 00:14:07 GMT

GET
H2 200 newsletter-envelope.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/images/newsletters/logo/ 2 KB
3 KB 19ms
19ms Image
image/svg+xml 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/images/newsletters/logo/newsletter-envelope.svg
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:10 GMT
age: 16
x-guploader-uploadid: ADPycduh71W_reAT-iNNS-Gs4pImrq6rVGHtL3P__92oyMeaWBGn2w7csXqiIo7DYPlZOc33sKoFQvvUfCU92K4FJPk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2424
last-modified: Wed, 22 Dec 2021 14:46:38 GMT
server: UploadServer
etag: "dceb7ee8eaaaa05d55c1e22d2c5eab79"
x-goog-hash: crc32c=58jl1w==, md5=3Ot+6OqqoF1VweItLF6reQ==
x-goog-generation: 1640184398619158
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 2424
accept-ranges: bytes
content-type: image/svg+xml
expires: Sun, 19 Feb 2023 22:38:10 GMT

GET
H2 200 xd.html Show response
d395dw5zk780j2.cloudfront.net/v52.0/ Frame 027F 167 B
516 B 60ms
19ms Document
text/html 2600:9000:2209:c000:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v52.0/xd.html
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v52.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:c000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 207971b8c98d17783acd3f3703856efed323967819a88a8d66038656a4a1e313

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

content-type: text/html
content-length: 167
date: Mon, 14 Feb 2022 17:07:29 GMT
last-modified: Mon, 14 Feb 2022 16:15:17 GMT
etag: "5b3948eef7d4668b4b7a88d957e8cb25"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: nRihLa5LzqkiR4gSAsAeU62ugXDKPK2l_864aLEqrig7gc4mScWssg==
age: 451859

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 495 KB
111 KB 93ms
36ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Requested by

Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v52.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cbe5580f5146a47c890b75f962c3e8895431a5d8146cdff8504b6a6bd14b137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112869
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 57ms
19ms Script
application/javascript 52.85.61.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v52.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-125.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 13:45:31 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 31983
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: v3TOqf6BKofo_ne6GwnqpPVu5MbHAIBjJcTM1mKK6dUWZykRweaolw==

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-291f0e7d24b90a44b6eba59494d7f548/ 184 KB
48 KB 45ms
10ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-291f0e7d24b90a44b6eba59494d7f548/mparticle.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v52.0/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 650b420a667a11a2aa17d883d25dad93d5a94e1743bda8fb729307c46ccd7f88

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 16
x-origin-name: fastlyshield--shield_ssl_cache_iad_kjyo7100064_IAD
x-served-by: cache-iad-kjyo7100064-IAD, cache-yul12832-YUL
vary: Accept, Accept-Encoding
x-cache: MISS, HIT
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=3600
accept-ranges: bytes
x-timer: S1645310307.098903,VS0,VE0
content-length: 48500
x-cache-hits: 0, 2

GET
H3 200 pubads_impl_2022021401.js Show response
securepubads.g.doubleclick.net/gpt/ 360 KB
120 KB 46ms
19ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 06:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123280
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 09:43:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Feb 2023 06:21:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 136 B
147 B 67ms
41ms XHR
application/json 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

747cb3e3d01d3921d418165ca7916a7e94de6e96d2c8167287d52027de68f578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 2 KB
2 KB 81ms
32ms XHR
application/json 34.197.191.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ad3f7f14-f370-f997-3907-a51564dbff62&url=https%253A%252F%252Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-191-32.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d80c71bd46edd17ef2cf159b8916c211ddecbd811a83bbf5b5b6de7a0ac50b4c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
x-server-name: app10.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H3 200 7b3b1c666ca0ec3aa30815.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/ 13 KB
13 KB 21ms
20ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/7b3b1c666ca0ec3aa30815.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/shared.faed02a1ee7a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 709932d262282e65073a8940fc09fc3fffbeb13682a8190bf8a1e96fc2c59888

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:11 GMT
age: 16
x-guploader-uploadid: ADPycdtjrAh0_RPrb-qNIKXZedzcm4YvY-_rL9TEWf9tKePbQJa3ZQtkmM6s_rAKME15DvoDTksaAxM_IbMOkDV19Kk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12817
last-modified: Wed, 22 Dec 2021 14:52:53 GMT
server: UploadServer
etag: "3ce029aa95426387c4ea8ff16addb71b"
x-goog-hash: crc32c=5nWjhA==, md5=POApqpVCY4fE6o/xat23Gw==
x-goog-generation: 1640184773136041
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 12817
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:11 GMT

GET
H3 200 1bd3027b055930c428798.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/ 10 KB
10 KB 25ms
24ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/1bd3027b055930c428798.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/shared.faed02a1ee7a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c59439b4ea6905545d0a5f41278422ee0d3bb3d370b4b8eaea35f306a9e1f63

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:11 GMT
age: 16
x-guploader-uploadid: ADPycduxXEE31zueZfuP2aBZ-TpxReVXMJw5dSJzDDO8Rc-IaSE2YttWjOBFLtBjtAJBwg6Bx6tKmjoFbmLx_dqaLhU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10423
last-modified: Wed, 22 Dec 2021 14:50:12 GMT
server: UploadServer
etag: "7dbecbf75e284bf34041ca1ab780ed2a"
x-goog-hash: crc32c=WNTeUw==, md5=fb7L914oS/NAQcoat4DtKg==
x-goog-generation: 1640184612610110
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 10423
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:11 GMT

GET
H3 200 c21a9b55aee30072973019.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/ 6 KB
6 KB 22ms
22ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/c21a9b55aee30072973019.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/shared.faed02a1ee7a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 65bdb0f68bb734a9ee0412aeb1d9898bd4098339efd43b8356acf19b3d8c3ad5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:11 GMT
age: 16
x-guploader-uploadid: ADPycdvsvtIOwp_zpTt8b9i37ev4ek_oCxxAKHhj_xVf57jCGXlJLYwSnwFdaLK-dScnw3mEbWj1x9onbqDlKn2EWfs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6288
last-modified: Wed, 22 Dec 2021 14:50:35 GMT
server: UploadServer
etag: "22381c804e590971b2c49e05c08bec23"
x-goog-hash: crc32c=ACzAhA==, md5=IjgcgE5ZCXGyxJ4FwIvsIw==
x-goog-generation: 1640184635155999
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 6288
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:11 GMT

GET
H3 200 02f6fe35cf4ad2674cc916.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/ 7 KB
7 KB 28ms
26ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/02f6fe35cf4ad2674cc916.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/shared.faed02a1ee7a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6902e79f7c8a801e6c1e25c65fd4dcf30034a12d12dad3286d2f0af4457c9b0c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:11 GMT
age: 16
x-guploader-uploadid: ADPycdu65XUGuj_FGBlVlAeHf4VTOY2amO4SH562co9-xOQJ1XJlvIoNSiKBjf12ZaYyc1LPT-t8edOtWsOlgSCZ76o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6788
last-modified: Wed, 22 Dec 2021 14:52:21 GMT
server: UploadServer
etag: "26b776a7e0af4a927770b410a0d201c5"
x-goog-hash: crc32c=X7oyCg==, md5=Jrd2p+CvSpJ3cLQQoNIBxQ==
x-goog-generation: 1640184741800764
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 6788
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:11 GMT

GET
H3 200 d425b4b71b15e7eb53b310.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/ 11 KB
11 KB 30ms
29ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/d425b4b71b15e7eb53b310.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/shared.faed02a1ee7a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: adaf81788242f9c48cc12172354c5df3e22fdcbcd2c3979dd83b419bb59e3db7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:11 GMT
age: 16
x-guploader-uploadid: ADPycdsnGIFBW5SLJw74Vtmd-cuZdd6W8SykEL62qH3RD6WYDNTD6_2hj5IMUaK7tslUqZivcPUjYORNHq5qViEQx4U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10932
last-modified: Wed, 22 Dec 2021 14:52:01 GMT
server: UploadServer
etag: "94cbc1e6a31f2a3ccccafda4072d30e7"
x-goog-hash: crc32c=m5WKIQ==, md5=lMvB5qMfKjzMyv2kBy0w5w==
x-goog-generation: 1640184721824786
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 10932
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:11 GMT

GET
H3 200 f3500b3ce093146933ed28.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/ 9 KB
9 KB 38ms
38ms Script
application/javascript 2607:f8b0:4006:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/websites/js/f3500b3ce093146933ed28.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/9.1.2/CACHE/js/shared.faed02a1ee7a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0878df8b9a030066f26276aab6a4e36e509b480ec37fdac609ec3037611267d4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:11 GMT
age: 16
x-guploader-uploadid: ADPycduUfrBf7K1wRf9GiUSEE3F27OTduhJJo9BU0mnSQYc_Apy2Ty6E6Kde60USAf1fsidrRJIhTF3rJzo85bbP2aU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9689
last-modified: Wed, 22 Dec 2021 14:52:48 GMT
server: UploadServer
etag: "164b4a482a8a95b67d5a10e2dc47a831"
x-goog-hash: crc32c=Gk2Kew==, md5=FktKSCqKlbZ9WhDi3EeoMQ==
x-goog-generation: 1640184768597174
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 9689
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Feb 2023 22:38:11 GMT

GET
H2 200 Tom-McCullough-large-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 18 KB
18 KB 781ms
775ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/Tom-McCullough-large-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: b30a9440e738dae3a0fb460d1d8836f66113d78863686160db005978072a3436

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "682e74422c5f7ec14f483a18ce8f97cf512ce5dc"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-cgvtp
alt-svc: clear
content-length: 18770

GET
H2 200 GettyImages-876353660-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 27 KB
27 KB 23ms
17ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/GettyImages-876353660-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 0c690ec8c9f576e907c74e94e5feaee29628aae272bd3b5c7a80c0a1d8620712

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Fri, 18 Feb 2022 21:31:06 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 90441
etag: "1aa632b8387342ac09afac83d0ba90d37bdb7c0d"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-bn97l
alt-svc: clear
content-length: 27252

GET
H2 200 Quebec-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 27 KB
27 KB 21ms
16ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/Quebec-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 1c2cd2a9b3696372f871464701c206fbbd7f47d1e5e86f019193252cc3ea30ca

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Fri, 18 Feb 2022 21:31:06 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 90441
etag: "412cc24a474c37844b5ef75cef250552abbff213"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-xk959
alt-svc: clear
content-length: 27320

GET
H2 200 embedded-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/ 25 KB
25 KB 25ms
20ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/embedded-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 978d18e8d69ce3671087886a891b26a7c7d9ee8a81a816dcddae04cb167888ca

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Fri, 18 Feb 2022 21:31:06 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 90441
etag: "5e89a16a0b5881088c94300c7916fa9652c6c2b8"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-xk959
alt-svc: clear
content-length: 25958

GET
H2 200 Six-family-office-books2.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/ 30 KB
30 KB 31ms
25ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/Six-family-office-books2.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 541eeb57ed6441577ff5ffeadc446715eb7b288b5fa7a48d8684d14627852344

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Fri, 18 Feb 2022 21:31:08 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 90439
etag: "b164baf7ad2af2cd5d7e4199c1d3464e226e82e6"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-2cjmp
alt-svc: clear
content-length: 30954

GET
H2 200 GettyImages-1326463734-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 22 KB
22 KB 745ms
739ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/GettyImages-1326463734-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: fbdd79cac903cbaf80d8f32e9762b334e0779daa018cc745fa0608698b9f5d4b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "04343b0d633f016f5eb9e14bd85489cde74259d0"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-9g44k
alt-svc: clear
content-length: 22224

GET
H2 200 GettyImages-1321484348-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 27 KB
27 KB 394ms
389ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/GettyImages-1321484348-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 5fb6d69941da291501efde94bd6471b8388d0f82fc8d19379d7e62f9f37c10c1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "85bc50fd3e700af93b676ae2e55db0e1e03b0d1f"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-9g44k
alt-svc: clear
content-length: 27826

GET
H2 200 GettyImages-1182014619-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 29 KB
30 KB 856ms
851ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/GettyImages-1182014619-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 675835b816c69aaa3e287822cf525921f9204190e3a3b337149a5d925743eece

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:28 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
etag: "32e8f1f78224b97eea47b58aaf383889ce8d1bf2"
vary: Accept
content-type: image/webp
x-cache-hit: miss
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-bswfp
alt-svc: clear
content-length: 30104

GET GettyImages-1219974733-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/ 0
0

GET
H2 200 GettyImages-471759147-WEB.jpg
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/ 26 KB
26 KB 108ms
103ms Image
image/webp 13.225.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/GettyImages-471759147-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-46.jfk51.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 21aa3f9e4b11db12f61782ad96d543f1139642f67673fb8e2c397d748c439f36

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester: canadianfamilyoffices
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
server: nginx/1.19.10
x-amz-cf-pop: JFK51-C1
etag: "fdead41c911e11185348127c1df7d8f3191461ac"
vary: Accept
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-pmd-smart-cdn-proxy: 40f839df65e4
content-length: 26548
x-amz-cf-id: BpDz87WOb0gAKHObR7v56snuvLotP2X5XWFwmIeeAp5zgx3q0JLREQ==
expires: Sun, 19 Feb 2023 22:38:27 GMT

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame DE8E 116 B
319 B 64ms
62ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-type: text/html
cf-ray: 6e02fc4bed05cacc-YYZ
age: 37812
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: ZqtVsEuYnUWf24tgCAvuZOdWsl78ma-9LepZa6Kct-MMHqb_EtU4Ew==
x-amz-cf-pop: YTO50-C3
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
39 B 85ms
85ms XHR
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: text/html
access-control-allow-origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e02fc4bed08cacc-YYZ
access-control-allow-headers: origin, content-type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
233 B 80ms
80ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e02fc4bed0acacc-YYZ
access-control-allow-headers: origin, content-type

GET
H2 200 xd.js Show response
d395dw5zk780j2.cloudfront.net/v52.0/ Frame 027F 36 KB
12 KB 23ms
22ms Script
application/javascript 2600:9000:2209:c000:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v52.0/xd.js
Requested by: Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v52.0/xd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:c000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6bf725bbf0cb0bdcbf6c79181411ae8216e57382582a3018c808394ab4074ff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d395dw5zk780j2.cloudfront.net/v52.0/xd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:07:29 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:15:18 GMT
server: AmazonS3
age: 451859
etag: W/"0166256e171cb525ba70e1f7bf0d6b30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: l86eVjtsAs5c_5IMDVFgYr_mdPNFbwdYBg9_XDKHYIH8E7X08TsUeA==

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
278 B 47ms
46ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-291f0e7d24b90a44b6eba59494d7f548/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1f45dbce486353254fefabc7035f57698bb28af5c26aa662c9f53e73fabcbd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-291f0e7d24b90a44b6eba59494d7f548
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1645310307.241429,VS0,VE35
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12822-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 39ms
15ms Preflight 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 varnish
age: 991
x-served-by: cache-yul12822-YUL
x-cache: HIT
x-cache-hits: 609
x-timer: S1645310307.230089,VS0,VE0
strict-transport-security: max-age=900

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 90ms
43ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 16747055602125368176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 75ms
18ms Script
application/x-javascript 2600:141b:13::17d7:82d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:38:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=55347
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 55ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: zyX9qnnmdAW7tJ5z6UbA5gv2Haw4LQsI8fodz19sJe/JIn0p1POj3Mg64RWF3pupaIQxjDt6cXnkEPV8X3i7pw==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Sat, 19 Feb 2022 22:38:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 72ms
23ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:34:56 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000122-IAD

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1645310307308&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.dig...
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645310307308&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.di...

0
223 B

24ms
24ms

Image
text/plain

52.85.61.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645310307308&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&c9=
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Server: 52.85.61.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-125.ewr53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: o7hWGVwe2-IxRV9IMWu6MXxtwaTpQ9rJLrTl819GeH95qWuzjTBs6Q==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645310307308&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&c9=
content-length: 231
x-amz-cf-id: 1pFFWTY45KLj1lfeQNmhq9b2XRNsxkEpMdQowEoH1IbCwUGWl05kKQ==

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 86ms
40ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 93ms
46ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 256 B
475 B 49ms
48ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 5b149c4ffc31a3051a0867cba79ee30c70822af1abccf0b0222b20a2ce98bc2f

Request headers

x-lib-version: v1.0.1
Accept-Language: en-CA,en;q=0.9
authorization: Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type: application/json
accept: application/json
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-referring-url: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 174
allowedmethods: GET,OPTIONS
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 80ms
29ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame DE8E 3 KB
2 KB 46ms
46ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 158551
cf-polished: origSize=3302
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: IAD89-C2
cf-ray: 6e02fc4daf1ccacc-YYZ
x-amz-cf-id: 1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires: Mon, 21 Feb 2022 22:38:27 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 KB
28 KB 182ms
182ms XHR
text/plain 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=261610181546004&correlator=297992207527784&eid=31064953%2C31064966&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220219&iu_parts=3081%2Ccfo.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26id%3Da78c32f6-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26id%3Da78c32f7-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D1%26id%3Da78c32f8-91d4-11ec-8dcf-0267213192c3%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26id%3Da78c32f9-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26id%3Da78c32fa-91d4-11ec-8dcf-0267213192c3%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26id%3Da78c32fb-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D3%26id%3Da78c32fc-91d4-11ec-8dcf-0267213192c3%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26id%3Da78c32fd-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cloc%3D4%26id%3Da78c32fe-91d4-11ec-8dcf-0267213192c3%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26id%3Da78c32ff-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D5%26id%3Da78c3300-91d4-11ec-8dcf-0267213192c3%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26id%3Da78c3301-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D6%26id%3Da78c3302-91d4-11ec-8dcf-0267213192c3%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26id%3Da78c3303-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D7%26id%3Da78c3304-91d4-11ec-8dcf-0267213192c3%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26id%3Da78c3305-91d4-11ec-8dcf-0267213192c3%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Dcfo%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&dt=1645310307467&lmt=1645310307&dlt=1645310306638&idt=607&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=233%2C1333%2C1893%2C2632%2C3174%2C3913%2C4473%2C4254%2C4814%2C4595%2C5137%2C4936%2C5478%2C5277%2C5819%2C5618&adks=4183305020%2C3490345154%2C4021159614%2C912055041%2C4021159613%2C4183305023%2C4021159612%2C4183305016%2C4021159587%2C4183305017%2C4021159586%2C4183305018%2C4021159585%2C4183305019%2C4021159584%2C4183305012&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&ga_vid=1558532235.1645310307&ga_sid=1645310307&ga_hid=1925134661&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

dbcad81a84a927bc09ce48a5bad9f72b0b0fb161ca68c5922d510c6b2fad46f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28476
x-xss-protection: 0
google-lineitem-id: 5850747974,5848972077,-2,5850747974,-2,5850747974,-2,5848972077,-2,5848972077,-2,5850747974,-2,5848972077,-2,5848972077
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368903865,138372041564,-2,138373951877,-2,138373951835,-2,138372107592,-2,138372108537,-2,138373951832,-2,138372108528,-2,138372043610
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
498fe6241f07fc18af643b43fa9709ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CBD6 6 KB
4 KB 147ms
33ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://498fe6241f07fc18af643b43fa9709ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Feb 2022 22:38:27 GMT
expires: Sun, 19 Feb 2023 22:38:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 11ms
9ms Preflight 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 varnish
age: 991
x-served-by: cache-yul12822-YUL
x-cache: HIT
x-cache-hits: 610
x-timer: S1645310308.502286,VS0,VE0
strict-transport-security: max-age=900

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
229 B 49ms
47ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-291f0e7d24b90a44b6eba59494d7f548/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

78f4d79c2cf0607020708289a6488ef3fa8e0d23a32efc90becc7919a7d8e00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-291f0e7d24b90a44b6eba59494d7f548
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1645310308.513670,VS0,VE36
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12822-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 21ms
18ms Script
application/x-javascript 2600:141b:13::17d7:82d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:38:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=64889
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/ 2 KB
1 KB 42ms
37ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1645310307534&cv=9&fst=1645310307534&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

e0ad6a51e0f9f057e6af09d8f5fcf91083772c25cec4e477a4b8e5453dc7bd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/580448699/ 2 KB
1 KB 68ms
38ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/580448699/?random=1645310307538&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=541862104.1645310307&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

2a9c2c1ed62af7df5e660875151ad5feac5075de9529d8e9be95419c5f514373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 buyers Show response
dmx.districtm.io/s/v1/ Frame DE8E 627 B
792 B 69ms
67ms XHR
application/json 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/buyers

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60d5a3f3bd4bb6b4b9f033178a2e68a3b780a038da122bf3efc205076e80bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e02fc4e9837cacc-YYZ
access-control-allow-headers: Origin, Content-Type

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
457 B 122ms
45ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4ef40a36-3948-4ff9-86a1-6611bff17289&tw_document_href=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 6
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
server: tsa_b
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 4978b3f060ecbe73299f72e4211a8ba76ff69a591de555c1351ea1d403ad2ac1
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
337 B 122ms
45ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4ef40a36-3948-4ff9-86a1-6611bff17289&tw_document_href=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 6
date: Sat, 19 Feb 2022 22:38:27 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 1e685253526c6f83939d2737c7fcab76c1815b4dcfec046bb0a66703ac35b974
content-length: 43

GET
H3 200 1685973801652415 Show response
connect.facebook.net/signals/config/ 310 KB
88 KB 42ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1685973801652415?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0963b47d36d152ffa0304f23892c78d85a042554ba3d65695b9214b817b14fde

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90183
x-xss-protection: 0
pragma: public
x-fb-debug: Av0NzAwGqpidkpLApzrrP8ME39bz4E1Qe+/5l8FqxTiStGDAvNofOFgxzeDaqndEwAZDX4tj9uxQwElBPsn5mg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 19 Feb 2022 22:38:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1645310307653%26url%3Dhttps%253A%252F%252Fgcp-rc-912-canadianfam...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645310307653&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=79d43ca4-f699-4c1a-ae12-e892b2cd9922
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=79d43ca4-f699-4c1a-ae12-e892b2cd9922&_expected_cookie=42053782be257f5ac888d1de...

43 B
142 B

49ms
49ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=79d43ca4-f699-4c1a-ae12-e892b2cd9922&_expected_cookie=42053782be257f5ac888d1de4ba88c06
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e02fc51f8e6544f-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=79d43ca4-f699-4c1a-ae12-e892b2cd9922&_expected_cookie=42053782be257f5ac888d1de4ba88c06
date: Sat, 19 Feb 2022 22:38:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e02fc51a83a544f-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 /
www.google.com/pagead/1p-user-list/990309138/ 42 B
548 B 92ms
44ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990309138/?random=1645310307534&cv=9&fst=1645308000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&async=1&fmt=3&is_vtc=1&random=3617804263&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/990309138/ 42 B
548 B 95ms
48ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/990309138/?random=1645310307534&cv=9&fst=1645308000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&async=1&fmt=3&is_vtc=1&random=3617804263&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=120...
https://www.google.ca/pagead/1p-conversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200...

42 B
64 B

77ms
50ms

Image
image/gif

2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=541862104.1645310307&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Y3ERYpTNJ5itNa7EoLAP&cid=CAQSKQCNIrLMCnMdjVEJ9I47N74rPl4SFTGgSMUOjgtC_rV5YILsZ4xRb4K3&eitems=ChAIgMfCkAYQ1M-hkIf_5a5YEh0AvnXNKw1jH7LI8wdoU4bwRlfrvXyc5Wn8ptQGJA&random=538287160&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Server

2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ca/pagead/1p-conversion/580448699/?random=785924766&cv=9&fst=1645310307538&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=541862104.1645310307&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Y3ERYpTNJ5itNa7EoLAP&cid=CAQSKQCNIrLMCnMdjVEJ9I47N74rPl4SFTGgSMUOjgtC_rV5YILsZ4xRb4K3&eitems=ChAIgMfCkAYQ1M-hkIf_5a5YEh0AvnXNKw1jH7LI8wdoU4bwRlfrvXyc5Wn8ptQGJA&random=538287160&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

68ecef2c-1159-499e-9d77-e4fb9c19cef1 Show response
dmx.districtm.io/s/10009/ Frame DE8E
Redirect Chain

https://x.bidswitch.net/sync?ssp=districtm&user_id=25LdTTpxNLMFH0aeKD1itnBFtYx
https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=25LdTTpxNLMFH0aeKD1itnBFtYx
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=68ecef2c-1159-499e-9d77-e4fb9c19cef1&google_hm=NjhlY2VmMmMtMTE1OS00OTllLTlkNzctZTRmYjljMTljZWYx
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELgbMGzwORZLsS0q9-ugNDk&google_cver=1&ssp=districtm&bsw_param=68ecef2c-1159-499e-9d77-e4fb9c19cef1
https://dmx.districtm.io/s/10009/68ecef2c-1159-499e-9d77-e4fb9c19cef1

92 B
163 B

75ms
75ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10009/68ecef2c-1159-499e-9d77-e4fb9c19cef1

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8cd9629175558130b67a65c4b8e75f7ef4726fd4dd5e544d33782f54e55e61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sat, 19 Feb 2022 22:38:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6e02fc514b7acacc-YYZ

Redirect headers

Location: //dmx.districtm.io/s/10009/68ecef2c-1159-499e-9d77-e4fb9c19cef1
Date: Sat, 19 Feb 2022 22:38:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

f8a9fd3c-c3c7-4c23-93a5-1b928432d5ed-62117163-4341 Show response
dmx.districtm.io/s/10001/ Frame DE8E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
https://dmx.districtm.io/s/10001/f8a9fd3c-c3c7-4c23-93a5-1b928432d5ed-62117163-4341

106 B
180 B

67ms
66ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10001/f8a9fd3c-c3c7-4c23-93a5-1b928432d5ed-62117163-4341

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1870c5967c3fcf14346cd5e9668f1bfb95ceb6033994d7e5bfdfeab725708b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sat, 19 Feb 2022 22:38:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6e02fc5009c6cacc-YYZ

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dmx.districtm.io/s/10001/f8a9fd3c-c3c7-4c23-93a5-1b928432d5ed-62117163-4341
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

y-UEjNOEJE2uHAYJmdpNDn8I2ysczzqiHDOMMvbuw-~A Show response
dmx.districtm.io/s/10057/ Frame DE8E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true
https://dmx.districtm.io/s/10057/y-UEjNOEJE2uHAYJmdpNDn8I2ysczzqiHDOMMvbuw-~A

100 B
154 B

71ms
70ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10057/y-UEjNOEJE2uHAYJmdpNDn8I2ysczzqiHDOMMvbuw-~A

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a45c61d46d9619e549854ecd2a5e5a3c0aea45a42981b7e15492bc971daa3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sat, 19 Feb 2022 22:38:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6e02fc5009c8cacc-YYZ

Redirect headers

location: https://dmx.districtm.io/s/10057/y-UEjNOEJE2uHAYJmdpNDn8I2ysczzqiHDOMMvbuw-~A
date: Sat, 19 Feb 2022 22:38:27 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

AAAGbw-QAjKEwgN0TcbYAAAAAAA&expiration=1645396707&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&is_secure=true Show response
dmx.us-east-33.districtm.io/s/10007/ Frame DE8E
Redirect Chain

https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&rurl=//dmx.us-east-33.districtm.io/s/10007/
https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=321cdb376a74121a&is_secure=true&version=1&networkId=33921&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&rurl=%2F%2Fdmx.us-east-33.districtm.io%...
https://dmx.us-east-33.districtm.io/s/10007/AAAGbw-QAjKEwgN0TcbYAAAAAAA&expiration=1645396707&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&is_secure=true

153 B
290 B

85ms
35ms

Script
application/javascript

35.231.227.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.us-east-33.districtm.io/s/10007/AAAGbw-QAjKEwgN0TcbYAAAAAAA&expiration=1645396707&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&is_secure=true

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Server

35.231.227.177 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.227.231.35.bc.googleusercontent.com

Software

Resource Hash

de542657b37e11073132b0bc7f680dfa49f9886228437167097858f44cc828b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-length: 153
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: //dmx.us-east-33.districtm.io/s/10007/AAAGbw-QAjKEwgN0TcbYAAAAAAA&expiration=1645396707&nuid=25LdTTpxNLMFH0aeKD1itnBFtYx&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

YhFxYwAHbUZwAQAy&_test=YhFxYwAHbUZwAQAy Show response
dmx.us-east-33.districtm.io/s/10016/ Frame DE8E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YhFxYwAHbUZwAQAy
https://dmx.us-east-33.districtm.io/s/10016/YhFxYwAHbUZwAQAy&_test=YhFxYwAHbUZwAQAy

95 B
232 B

110ms
35ms

Script
application/javascript

35.231.227.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.us-east-33.districtm.io/s/10016/YhFxYwAHbUZwAQAy&_test=YhFxYwAHbUZwAQAy

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Server

35.231.227.177 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.227.231.35.bc.googleusercontent.com

Software

Resource Hash

68bc7e5d748ab91b3a03d8bacee76117e6c29899f2432e32852d8b7a2f995d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-length: 95
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1645310308.788639,VS0,VE0
x-served-by: cache-yul12825-YUL
x-cache: HIT
location: https://dmx.us-east-33.districtm.io/s/10016/YhFxYwAHbUZwAQAy&_test=YhFxYwAHbUZwAQAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 1C59 47 KB
13 KB 73ms
27ms Script
application/javascript 34.197.191.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5076699831&chanId=22429240359&placementId=5850747974&pubCreative=138368903865&pubOrder=2918147269&cb=1807352370&custom=index&custom2=1&adsafe_par&impId=a78c32f6-91d4-11ec-8dcf-0267213192c3
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-191-32.compute-1.amazonaws.com
Software: /
Resource Hash: 9cab1e7fdee9a03c41b3ecb6bded4c65e0402a9d33e5cf13adcdd63347886560

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C14 0
0 86ms
83ms Fetch
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE8Cb_MtEyTAwLB6PcSbFweH56dEQRyo2keepEzjEBqer06Qf_Ih6Q4JbTfeW_yDrkeR7aB3nQ9KNAG5ELQjnUEt65kyHko3u_G--s5pPUvIWiuzFkbNTvtqb2ljkPo_J7xzi_2Q6TITQVIglcS-SR7UBi4DCzz5fBVYOojWsgEIk5syEb6rO5jLLweQDJKPsLSd4_TS31B5WrOgErM9q8TmXiX130Co7KWxhff8exhP2TMSIZ6W-pXpd9axER8OmWK-i05gcsKXIqbgP3zc1BC54vDK4OskaZBSZNJCE4nGoDk_iHepD_GpZMJGnGYaAuiA3fsp4fOWCHv82zn7XIDuEIvALFZVOkY84ynQ&sai=AMfl-YS6Q84qdaH5g7YImcQxFPjCsjcq3yTRBgT_DoYQlyquJxBaxiL_NR2VS2VYQMcbOPT_tTxn6ATVs7KopWM-2xOznRNIv2e-Rkw3u6txCi4MetuUqnxNUhe7tjD7UTV-&sig=Cg0ArKJSzDBx-BBLUHSFEAE&uach_m=[UACH]&adurl=

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 9C14 2 KB
1 KB 24ms
20ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:37:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C14 124 KB
38 KB 117ms
68ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9C14 0
0 39ms
36ms Image
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4IgyPSclcE7CqlclpmrpEtxEMCWbW_WoD5mcNhg3RpfB8LpdeF46iwmPSP3z2THu1f6N6vlpv1h_T8Pur9b8SG5WOuQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 17634339752548376428
tpc.googlesyndication.com/simgad/ Frame 9C14 84 KB
84 KB 27ms
24ms Image
image/png 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17634339752548376428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80066dc21db0442846436f30720749d364ff2c40df3f3551bd93e880fd194977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 01:11:22 GMT
x-content-type-options: nosniff
age: 595625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85621
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 16:18:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Feb 2023 01:11:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 60ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&rl=&if=false&ts=1645310307772&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1645310307770.1405333699&it=1645310307633&coo=false&exp=p0&rqm=GET

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame E851 47 KB
13 KB 25ms
25ms Script
application/javascript 34.197.191.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372041564&pubOrder=2918923800&cb=15112581&custom=index&custom2=2&adsafe_par&impId=a78c32f7-91d4-11ec-8dcf-0267213192c3
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-191-32.compute-1.amazonaws.com
Software: /
Resource Hash: 0fb51132b351a9d91bde881f136892fb6ebc27ee8b4696f41eb0ab9f71ab0c41

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8862 0
0 80ms
80ms Fetch
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXjWhW3_MzE_TIPW4Cxn0gyt1BAq1P0D-XYOj8fQHZZudHcwQPbFs7qym21HrH2cy9XmZkVMO6hktkdoABdARz-MCOO93JS9nO18cfXs5iarMEC9v-ifA8oXrj-SzcYv6YO0XD94VNwaxoq2NGQryTb_O1TShs1gizDKmnyZBXdMncoRPx8B-NalRQBM1FS7u5MukysS7GyX4h68oCC3m9WwABektgPq4fpYcBCoRz_IVCoc-EkgtL5cxw8jXJnPKWv88wcDuaxnOJIypiZTchIstQga8kaomcbmJq9SVsnbhGxliWh2YGja9Yf91eqtlePBN7EJnHIH_U5tw-dqh-iFEe7jFOSKBZAnFWWw&sai=AMfl-YRJ0_Z-0WjuVwutjbFKLgplTIFwVYlssCOheOoZXgeyKUUtzHDK2Bzq792HBL3X8nMxL1dZkdhnpV4l3adZ72zj2eTdUTse7UzVcdxDTEwYn2Bd-upbOi-ywIDRfX-s&sig=Cg0ArKJSzG_32t4_BRSSEAE&uach_m=[UACH]&adurl=

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8862 2 KB
1 KB 48ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:37:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8862 124 KB
38 KB 85ms
84ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
H3 200 5787534106586149645
tpc.googlesyndication.com/simgad/ Frame 8862 94 KB
94 KB 49ms
20ms Image
image/jpeg 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5787534106586149645

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99fe38b946e11cc323b148f60c64414245b624d876f7a28fe61b3a056134b2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 22:03:54 GMT
x-content-type-options: nosniff
age: 520473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95989
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 03:00:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Feb 2023 22:03:54 GMT

GET
H2 200 main.gr.19.8.289.js Show response
static.adsafeprotected.com/ Frame 1C59 189 KB
60 KB 60ms
21ms Script
application/javascript 2600:9000:2209:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5076699831&chanId=22429240359&placementId=5850747974&pubCreative=138368903865&pubOrder=2918147269&cb=1807352370&custom=index&custom2=1&adsafe_par&impId=a78c32f6-91d4-11ec-8dcf-0267213192c3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:07:08 GMT
content-encoding: gzip
age: 365480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Feb 2022 16:52:16 GMT
server: AmazonS3
etag: W/"e894d9dd87d5e06b21396e04a0c29127"
vary: Accept-Encoding
x-amz-version-id: QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-P1
content-type: application/javascript
x-amz-cf-id: Qq0fZ4-UQlV5GDh2oLSaz5mDNDzd3IQxJ3-6gmIE9Cu3GpJ1kCGJzw==

GET
H2 200 main.gr.19.8.289.js Show response
static.adsafeprotected.com/ Frame E851 189 KB
60 KB 66ms
43ms Script
application/javascript 2600:9000:2209:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372041564&pubOrder=2918923800&cb=15112581&custom=index&custom2=2&adsafe_par&impId=a78c32f7-91d4-11ec-8dcf-0267213192c3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:07:08 GMT
content-encoding: gzip
age: 365480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Feb 2022 16:52:16 GMT
server: AmazonS3
etag: W/"e894d9dd87d5e06b21396e04a0c29127"
vary: Accept-Encoding
x-amz-version-id: QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-P1
content-type: application/javascript
x-amz-cf-id: jMe19SVFtZFKCTORShTyFWWpEhUjJvni3Vo89LAWetoPxRnFIvuVEw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C14 0
0 81ms
81ms Fetch
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseyJxXHI-KJhKZwgUfJAAo0JrTLnWCojmk8gzNftWsiNybYDEk-EeweH-e4Ek4oWEGPz1uAmI3vuEkPu-TFphF2m4kC6HW_3K8FF8vH9hhs_bkH127BKiL-ZsdDGK4b2_XIvbWlPtZ85aN9peE937vB1GJOEDRiJGQMUdFXGXujGSM44L_8jd4Aoj47f-RiakdJGL1M3KFbNTdsYAxoPBQQ1FZsYwgxOV63sEZGFQqIEeDxvhdRWvCYAaoDjI5xYajs-MkfPWF7H2tni3QSK2w1BrMNKhb1HS1yZsRNGBgjSLL6ExfdAy6igcNN6P8HWyE9oG-QrhDDA9HhQUwZWr20-3LR6M8i2Bay4O3akc1&sai=AMfl-YSJEfMliAuEeFo91Cpo6i0V1K9tONv5GXoSoXqJnsyKLKnq7Ni5fgbdBUUvRuI4ueIGCuOYSMN2Y5Q3B9CvigJ29Y8IdQkriGxIuj6QcGF1PZVAqmgg8uonv81FkU46&sig=Cg0ArKJSzMjRdAB5OJcCEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
DATA 200
OK truncated
/ Frame 9C14 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dc4b36750fc5fc71e1442d87be9b778c3abebe198ee3035c5edfe70afdfe028

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8862 0
0 81ms
80ms Fetch
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6MxkCMx-B5g78dgtDdD-OstbvtReqtYzxEV0q9uhQ2jMXPsR75Bkf_1UYfuxLN_Y957fTDpxcwRvjjwCuOFQV5dfqIT44uVA6OxwBmI84bFvg-3hs_f9vIxeWXhYXIV0cSvZu_2Uubb0VqinnBkpStFngv0nV2hRsMZ9r_AF-FA4riBEk2p95hksTj587EY0mxAqd7_Labqsix6hf_wQJ_8aZJXk1-O8NSCwagOiD1gdZtnUzqcsbZ55mjHiC3sNzO1x1laR93tO-rU-C7-rRA0s2ZGlKS6lN9r3q3uBYZUn969hxG1No9WtKuSR4mPUiU93ouisGCvNdjDM1nlh_tAllWMnif_eMF2b9_7Dc&sai=AMfl-YQcicuU6LXuh1naoLRfgZJKtO4rJUH4Gjd79d8d89acSTRvuWUNauuOo4MzisSTCYjveyiwnm5XTeGNZtYXKTBGs9DHDh7isOAB8glN_RdZWpG8n2DPgUrihTnzbiXZ&sig=Cg0ArKJSzI3iMiJEsKa1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Feb 2022 22:38:27 GMT

GET
DATA 200
OK truncated
/ Frame 8862 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b42332d70fbc2ca77d4b8ad009f9517b22d045e8f22e144f70c748db9ebe4367

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame BE44 80 KB
21 KB 19ms
19ms Script
application/javascript 2600:9000:2209:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 7327339
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-P1
content-type: application/javascript
x-amz-cf-id: WE7rylkaTIXmwzBKPfteIcTXiV9wbJs-LteFB0TfSdF_7CMfzPCI5g==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 29ms
29ms Image
image/gif 34.197.191.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=5076699831&chanId=22429240359&placementId=5850747974&pubCreative=138368903865&pubOrder=2918147269&cb=1807352370&custom=index&custom2=1&adsafe_par&impId=a78c32f6-91d4-11ec-8dcf-0267213192c3&adsafe_url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:5de0b9fb-cf49-47ac-7148-0041e4a8e4c3,c:4I1KI0,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-56dd85c7c8-x84xd,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:164,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C151,idMap:14*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:184,oid:a7e74aae-91d4-11ec-909f-f2dc2685e422,v:19.8.289,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-191-32.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: app19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 242ms
80ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KI2,pingTime:-8,time:185,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:185,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B18~100%5D,as:%5B19~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 2558 80 KB
21 KB 19ms
19ms Script
application/javascript 2600:9000:2209:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 7327339
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-P1
content-type: application/javascript
x-amz-cf-id: EFET4pEJvm0k4oLutFn9noreOKvznzysHxCiz8DnyVGXR4PBS1yA7A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 28ms
27ms Image
image/gif 34.197.191.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372041564&pubOrder=2918923800&cb=15112581&custom=index&custom2=2&adsafe_par&impId=a78c32f7-91d4-11ec-8dcf-0267213192c3&adsafe_url=https%3A%2F%2Fgcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:369b34b9-7a10-a6e7-6e41-d175eaae2d1e,c:4I1KIt,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-56dd85c7c8-b56vr,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.1208.970.250,am:i,cc:315.1208.970.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:189,fm:sXVEnrq+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:197,oid:a7ecf0df-91d4-11ec-88f8-9ed0e558cb51,v:19.8.289,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-191-32.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: app06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 300ms
156ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=369b34b9-7a10-a6e7-6e41-d175eaae2d1e&tv=%7Bc:4I1KIt,pingTime:-8,time:197,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:198,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:197,wc:0.0.1600.1200,ac:315.1208.970.250,am:i,cc:315.1208.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B7~0%5D,as:%5B7~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXVEnrq+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 216ms
78ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KIK,pingTime:0,time:229,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:229,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B62~100%5D,as:%5B62~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 206ms
81ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KIW,pingTime:-2,time:241,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:104,beZ:105,mfA:268,cmA:269,inA:270,inZ:274,prA:274,prZ:279,si:288,poA:290,poZ:308,cmZ:308,mfZ:308,loA:334,loZ:337,ltA:345,ltZ:345%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:241,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~100%5D,as:%5B74~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/cfo.com/index_0,google_ads_iframe_/3081/cfo.com/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:54,readyFired:true%7D&br=u
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 279ms
156ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=369b34b9-7a10-a6e7-6e41-d175eaae2d1e&tv=%7Bc:4I1KIZ,pingTime:-2,time:229,type:a,im:%7BpBlk:207,sf:0,pom:1,prf:%7BbeA:33,beZ:34,mfA:223,cmA:223,inA:223,inZ:225,prA:225,prZ:227,si:230,poA:231,bl:240,poZ:240,cmZ:240,mfZ:240,loA:255,loZ:256,ltA:262,ltZ:262%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:197%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:229,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:197,wc:0.0.1600.1200,ac:315.1208.970.250,am:i,cc:315.1208.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXVEnrb+11%7C12%7C13%7C14.928934%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/cfo.com/index_1,google_ads_iframe_/3081/cfo.com/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:30,readyFired:true%7D&br=u
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 159ms
80ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KJG,time:287,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:287,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B120~100%5D,as:%5B120~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 138ms
138ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=369b34b9-7a10-a6e7-6e41-d175eaae2d1e&tv=%7Bc:4I1KJH,time:273,type:e,im:%7BpWait:4%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:273,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:197,wc:0.0.1600.1200,ac:315.1208.970.250,am:i,cc:315.1208.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXVEnrb+11%7C12%7C13%7C14.928934%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame DE8E 0
674 B 66ms
65ms XHR
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 19 Feb 2022 22:38:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
content-type: text/html
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e02fc536e61cacc-YYZ
access-control-allow-headers: Origin, Content-Type

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 273ms
233ms Preflight
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Feb 2022 22:38:28 GMT
content-type: text/html
cf-ray: 6e02fc5209713fd8-YYZ
access-control-allow-origin: https://cdn.districtm.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-max-age: 14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0117 0
18 B 42ms
18ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

content-type: text/plain
access-control-allow-origin: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Sat, 19 Feb 2022 22:38:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 80ms
80ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KNL,pingTime:-10,time:541,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645310308349%7C%7C672275dec0c9f222bd0fc63fde960eeb%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C1ab3a23ec2a4a9031af34e109690f6da%7C%7C33987b7a37f30b0c0caecb5b497bfe70%7C%7Ceffe2553ab51e1267eaa8b0d4ff5660b%7C%7C979497aeb41fbd101bb3ac43ebabdc50%7C%7C3f6c0d291cb9b3de8697f77fdaafa006%7C%7C1629390669%7D
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 96ms
47ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

accdb5a7e1942a13305960a39938a82c56509fc4f9120f29164f2e2844e9e11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9698
x-xss-protection: 0

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 1B5F 0
434 B 122ms
51ms Document
text/html 142.250.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gb-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 19 Feb 2022 22:38:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ribn-postmedia.min.js Show response
assets.ribn.com/v2/production/ 13 KB
4 KB 60ms
20ms Script
application/javascript 2600:9000:2209:2e00:7:75d4:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by: Host: gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
URL: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:2e00:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 22:43:13 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 18:06:03 GMT
server: AmazonS3
age: 86116
etag: W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: 9bAGhmhUA5-7GEgYOqCrdK5zHuuGPnG61gFFX9DkIFrUyv_hM8qRTw==

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/10276888/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
350 B

17ms
17ms

Script
application/javascript

52.85.61.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 52.85.61.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-125.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:15:23 GMT
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: ukRkxClFi4se3vCAKV-ayfIWdpuf2xNxaSQ6OPPOMg8ZVYDfHUedkQ==

Redirect headers

date: Sat, 19 Feb 2022 22:38:28 GMT
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: msCycPIgw_chS_hchI5MEcKvlKZ7VKYctg7Zf9HAAh7tFKaD_UKsrQ==

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame DE8E 0
681 B 73ms
72ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 19 Feb 2022 22:38:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e02fc544fa5cacc-YYZ
access-control-allow-headers: Origin, Content-Type

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 70ms
70ms Preflight
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Feb 2022 22:38:28 GMT
content-type: text/html
cf-ray: 6e02fc53dc983fd8-YYZ
access-control-allow-origin: https://cdn.districtm.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-max-age: 14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 22:38:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 79ms
79ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=369b34b9-7a10-a6e7-6e41-d175eaae2d1e&tv=%7Bc:4I1KRm,pingTime:-10,time:748,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645310308349%7C%7C672275dec0c9f222bd0fc63fde960eeb%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C1ab3a23ec2a4a9031af34e109690f6da%7C%7C33987b7a37f30b0c0caecb5b497bfe70%7C%7Ceffe2553ab51e1267eaa8b0d4ff5660b%7C%7C979497aeb41fbd101bb3ac43ebabdc50%7C%7C3f6c0d291cb9b3de8697f77fdaafa006%7C%7C1629390669,sca:%7Bspg:5de0b9fb-cf49-47ac-7148-0041e4a8e4c3%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E8B1 13 KB
5 KB 19ms
19ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Feb 2022 00:34:45 GMT
expires: Sun, 19 Feb 2023 00:34:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 79423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F555 783 B
533 B 40ms
39ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b74ac1e17b2cc473ffa9a478e389189bf62c3ea88bd02fb66dd494319518fce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f2fhLoDnYBUvNiKdN/tcWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Feb 2022 22:38:28 GMT
date: Sat, 19 Feb 2022 22:38:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-f2fhLoDnYBUvNiKdN/tcWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame E8B1 35 KB
13 KB 48ms
20ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 08:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 08:01:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F555 0
0 91ms
83ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021401&jk=261610181546004&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E8B1 0
9 B 19ms
19ms Image
text/plain 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pKOpzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:38:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 82ms
82ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021401&jk=261610181546004&bg=!SEulSw_NAAbf-5Dq3_s7ACkAdvg8WpKHCStArEV5d7JFrX_DV_cwnxVhh91n5TkwZjIK3wt7ar4CxQIAAABcUgAAAAJoAQeZAvlNjAGEYh4lZCfZwTv92C46eu05s0xLj9eUANC34vtElhkOEttyqIITj2GiHa-JubxueiI5xwAN5CXTmIdio6XY4vzMpKCHTf3XqIpE2SbdP8Da_O7upNtm_bHUw5zRZOpyfl8RhhjorfB36KCaM3YZ8ZVAr-MohUtLOsFkB54BDAad5VZsYYhvwkANkzYbX5upzs5U8P5GRooePBCczeYftls8IQrqZkzK-ex_RXRX2OcY3UBFRLURI7lqET0_cStcxrPyRydHfO1ZdPP7KIQXSTQSRWGGBShviqvm3bRfQXXuxgic5MQodjBc7F2rlc0mBbBjtVWu2EBUekd7C6poy0EsqKFPa0SnJfRVf-fqDtu6TgwSKs4PkV4r7BUGfhbgTmNZU2o4jQKJaNONYgSGFHDS2EHdIU-uxspi3mbjHMovZtQ0AUdz3OaeE-KB8IVlTX-GybGDHNPuOWIpqicpB3hr_aUIGoIgjKYBqUQFgxNMKE5O0N7-Ve6TcRMizyXB6AIh_I8K6v9fzQwsvFg4E-vZkjyEvnCbfsF67l-2yJwlP95mLbrU1j6gAM_RIzWXhHmCK1zYKTYrYa2wInA4LKQU2FuDDlR9Lso14y-Y8w1GwmULOZf3xH_Iy7aad-ji1PqrDMNH75zDxY17BECK_fGPKQGmMc5f0NEaTQIP5mISARWEoCVfc4CtZudQzK1R2s5ZwkXjqMln6WV3b7VLI33CM46afU3AZC9uDthkBPT4xtlS7sKhD4z0qdyPGhxgPdoFXsRY8XVhgZjwuCEoHtpzTG4bp8n_AmEHTlRAlDxjBUi-jjSZDHWVhQAMVbTLXdDR01JmICBj3fn1YOKnozqsDlLEb1V9BwfDanZeeTPM7IfxkZR_Ufz3wDpQKKwYihZH-6agmDP7SiwHbl9amUtIbzZqFM4dvfmr3cn19baoOL6uPrJd_3jEwxIRpOknrR0LfYCDUmGiYoKPgDxh1t0DbsXHia4lCrjO1e1BZvIGfyl-kquxEA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C14 42 B
64 B 104ms
78ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0UfZT7v3yvwT4qic2Itb-OrcOst-Khd9NqrOmnLZzRBpcmFfSziKWa5KjKsp8sSF0DIpxhi98KIjbpckCTv2DKtX-cavUb3PgR_E29qSeaUcZISa8&sig=Cg0ArKJSzBBOtOEkE9cGEAE&id=lidar2&mcvt=1000&p=108,315,358,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4183305020&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645310307696&rpt=198&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 81ms
80ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KYT,pingTime:1,time:1230,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1230,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1063~100%5D,as:%5B1063~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:83,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:29 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 80ms
79ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KYU,pingTime:1,time:1231,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1231,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1064~100%5D,as:%5B1064~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:83,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:29 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 79ms
79ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1KYU,pingTime:1,time:1231,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1231,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1064~100%5D,as:%5B1064~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:83,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:29 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
216 B 26ms
26ms Image
image/gif 34.197.191.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:928934&sessionId:ad3f7f14-f370-f997-3907-a51564dbff62&err:responsetime%3A98%26probability%3A10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-191-32.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:29 GMT
x-server-name: app01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-291f0e7d24b90a44b6eba59494d7f548/ 42 B
286 B 51ms
25ms Fetch
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-291f0e7d24b90a44b6eba59494d7f548/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-291f0e7d24b90a44b6eba59494d7f548/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 40fc26273d69c37f8845fc96f7c44d15c69d3d9bedf64ab35822f5aa76b14879

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 19 Feb 2022 22:38:32 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1645310312.421800,VS0,VE15
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-yul12827-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 80ms
79ms Image
image/gif 34.208.15.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=5de0b9fb-cf49-47ac-7148-0041e4a8e4c3&tv=%7Bc:4I1M1p,pingTime:5,time:5230,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5230,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:182,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5063~100%5D,as:%5B5063~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:84,fm:sXVEnrb+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.15.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-15-181.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:38:33 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: smartcdn.gprod.postmedia.digital
URL: https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/GettyImages-1219974733-WEB.jpg?quality=90&strip=all&w=344&type=webp

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/	1970-01-20 01:11:55	Name: x-id Value: {"data":{"id":"9lfkcknuvyrgtxkprdeifdlz1o8j0gfi","updated":1645310307029},"exp":604800000,"ts":1645310307056,"mac":537767868}
.postmedia.digital/	1970-01-20 03:11:26	Name: _gcl_au Value: 1.1.541862104.1645310307
gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/	1970-01-20 01:01:50	Name: __adblocker Value: false
.scorecardresearch.com/	1970-01-20 18:18:38	Name: UID Value: 1B8856df54592dc4daf119c1645310307
d395dw5zk780j2.cloudfront.net/	1970-01-20 01:11:55	Name: x-id Value: {"data":{"id":"9lfkcknuvyrgtxkprdeifdlz1o8j0gfi","updated":1645310307029},"exp":604800000,"ts":1645310307392,"mac":537860961}
gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/	1970-01-20 01:01:52	Name: sailthru_pageviews Value: 1
gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/	1970-01-20 01:11:55	Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1645310307454,"mac":-1053695758}
.postmedia.digital/	1970-01-20 09:47:26	Name: mprtcl-v4_D08364F6 Value: {'gs':{'ie':1\|'dt':'us1-291f0e7d24b90a44b6eba59494d7f548'\|'av':'1.0.0'\|'cgid':'d3b51a7a-a03a-4bbd-8d70-d65c6cb51834'\|'das':'5e2b3044-261a-4f77-ba4d-04af43d297c4'\|'csm':'WyItMTI3MjAzNDA2MDM5MjEyODA1NSJd'\|'sid':'149B6F65-83BC-4EAA-9CE3-5983D92824EC'\|'les':1645310307498\|'ssd':1645310307194}\|'l':1\|'-1272034060392128055':{'fst':1645310307369\|'ui':'eyIwIjoiOWxma2NrbnV2eXJndHhrcHJkZWlmZGx6MW84ajBnZmkifQ=='}\|'cu':'-1272034060392128055'}
gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital/	1970-01-20 09:47:26	Name: sailthru_visitor Value: 2267ebaa-73ea-4fea-a133-54d1f449c726
.postmedia.digital/	1970-01-20 10:23:26	Name: __gads Value: ID=83c874fa3387b298-2272d79228d00076:T=1645310307:S=ALNI_MaJYXe6caYnegR8_LGKPTKDYhoHVw
.twitter.com/	1970-01-20 18:33:02	Name: personalization_id Value: "v1_vKGHvvn2F77dSnW48Ic4Mg=="
.t.co/	1970-01-20 18:33:02	Name: muc_ads Value: 1122d8fb-3cfb-44d5-a9fa-6446c049d668
.everesttech.net/	1970-01-20 09:47:26	Name: everest_g_v2 Value: g_surferid~YhFxYwAHbUZwAQAy
.linkedin.com/	1970-01-20 03:11:26	Name: li_sugr Value: 79d43ca4-f699-4c1a-ae12-e892b2cd9922
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:33:44	Name: bcookie Value: "v=2&4348c88e-e443-4254-8594-72afdb03c869"
.linkedin.com/	1970-01-20 01:03:16	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2532:u=1:x=1:i=1645310307:t=1645396707:v=2:sig=AQFiuRZIDNbS9j_H6Xjz4uacVVytkMiu"
.postmedia.digital/	1970-01-20 03:11:26	Name: _fbp Value: fb.1.1645310307770.1405333699
.sitescout.com/	1970-01-20 09:47:26	Name: ssi Value: f8a9fd3c-c3c7-4c23-93a5-1b928432d5ed#1645310307765
.yahoo.com/	1970-01-20 09:47:47	Name: A3 Value: d=AQABBGNxEWICEG4bFcQ_o0KeaR5WTBnc32gFEgEBAQHCEmIbYgAAAAAA_eMAAA&S=AQAAArp67xFTMwtxki6tDM9zrjk
.dotomi.com/	1970-01-20 01:01:50	Name: DotomiTest Value: 321cdb376a74121a
.bidswitch.net/	1970-01-20 09:47:26	Name: tuuid Value: 68ecef2c-1159-499e-9d77-e4fb9c19cef1
.bidswitch.net/	1970-01-20 09:47:26	Name: c Value: 1645310307
.bidswitch.net/	1970-01-20 09:47:26	Name: tuuid_lu Value: 1645310307
.doubleclick.net/	1970-01-20 18:33:02	Name: IDE Value: AHWqTUnS4JIlnHJmv5-984VtdlrI7BNxu5fKPyS9Klcs2mlnn5tD_nfB2A8OlvifwQY
.sitescout.com/	1970-01-20 01:45:02	Name: _ssuma Value: e30
.analytics.yahoo.com/	1970-01-20 09:47:26	Name: IDSYNC Value: 191l~23by
.linkedin.com/	1970-01-20 01:45:02	Name: UserMatchHistory Value: AQIAg-YfatZAMQAAAX8UIu3ojgImz-FIApV0P9y6BCt1j1hg1kLYFMdScuEu2qaV-Zt14g7yHfJ4Cg
.linkedin.com/	1970-01-20 01:45:02	Name: AnalyticsSyncHistory Value: AQLjMyros_XFbAAAAX8UIu3ppUQuql5fUoopPjCbYmyQLr4tPAQgrIErPMumlFT_dagRvmDQ8Zl7ahLlSu8EQA
.facebook.com/	1970-01-20 03:11:26	Name: fr Value: 06ITmDcRfSCuswgV5..BiEXFj...1.0.BiEXFj.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 18:33:44	Name: bscookie Value: "v=1&20220219223827055431cb-1a9c-4253-8c46-f7bf94e7ad7dAQFPEd5nlxphXh3uSLp52zUctILmz7Am"
.adsymptotic.com/	1970-01-20 03:11:26	Name: U Value: 42053782be257f5ac888d1de4ba88c06
.districtm.io/	1970-01-20 01:27:45	Name: _dm_uid Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FGQXJJR0d6STFUR1JVVkhCNFRreE5Sa2d3WVdWTFJERnBkRzVDUm5SWmVMb0dOd2lSVGhJeVpqaGhPV1prTTJNdFl6TmpOeTAwWXpJekxUa3pZVFV0TVdJNU1qZzBNekprTldWa0xUWXlNVEUzTVRZekxUUXpOREc2QmlBSWwwNFNHMEZCUVVkaWR5MVJRV3BMUlhkblRqQlVZMkpaUVVGQlFVRkJRYm9HS1FpWlRoSWtOamhsWTJWbU1tTXRNVEUxT1MwME9UbGxMVGxrTnpjdFpUUm1ZamxqTVRsalpXWXh1Z1lWQ0tCT0VoQlphRVo0V1hkQlNHSlZXbmRCVVVGNXVnWURDS3BPdWdZRENLNU91Z1lEQ0xCT3VnWXhDTWxPRWl4NUxWVkZhazVQUlVwRk1uVklRVmxLYldSd1RrUnVPRWt5ZVhOamVucHhhVWhFVDAxTmRtSjFkeTErUVE9PSIsImlhdCI6MTY0NTMxMDMwOH0.-9v26WsQD3rrrvVPRGrKD5KG2uh68PkyCJAYpGYYuiBtZXaR63igAdzCnlIoyFoKSRiEOlzHKbpJkcTytQGfeg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

498fe6241f07fc18af643b43fa9709ab.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics.twitter.com
api.sail-personalize.com
assets.ribn.com
auth.lrcontent.com
bid.g.doubleclick.net
cdn.adsafeprotected.com
cdn.districtm.io
cm.g.doubleclick.net
connect.facebook.net
d395dw5zk780j2.cloudfront.net
districtm-match.dotomi.com
dmx.districtm.io
dmx.us-east-33.districtm.io
dt.adsafeprotected.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital
googleads.g.doubleclick.net
hb.districtm.io
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
p.adsymptotic.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
px.ads.linkedin.com
px4.ads.linkedin.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
smartcdn.prod.postmedia.digital
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
storage.googleapis.com
sync-tm.everesttech.net
t.co
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.npttech.com
x.bidswitch.net
smartcdn.gprod.postmedia.digital
104.16.190.66
104.18.100.194
104.244.42.3
104.244.42.5
108.174.10.24
13.225.230.46
142.250.111.154
142.250.80.2
142.250.80.34
142.251.40.130
146.75.28.157
151.101.2.49
207.198.113.169
2600:141b:13::17d7:82d1
2600:9000:2209:2e00:7:75d4:e40:93a1
2600:9000:2209:6600:8:48e:53c0:93a1
2600:9000:2209:c000:8:f216:eb80:93a1
2606:4700:10::6816:49e8
2606:4700:3032::ac43:c0b6
2606:ae80:1451:19::1370
2607:f8b0:4006:807::2003
2607:f8b0:4006:80b::2010
2607:f8b0:4006:80c::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2004
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2008
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42:600::645
34.149.157.221
34.197.191.32
34.208.15.181
35.203.21.171
35.211.178.172
35.231.227.177
52.45.33.138
52.85.61.107
52.85.61.125
52.85.61.36
52.85.61.46
75.2.40.13
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
065cc6236a7bc9dd6f1234f05781416f8c614de7a4b0560d928d99756b411d7a
0762b8d5ce51c6b44f2ccdbf2a1fdea015089b0e141d1c3c825ae462acc5c065
0878df8b9a030066f26276aab6a4e36e509b480ec37fdac609ec3037611267d4
0963b47d36d152ffa0304f23892c78d85a042554ba3d65695b9214b817b14fde
0c690ec8c9f576e907c74e94e5feaee29628aae272bd3b5c7a80c0a1d8620712
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fb51132b351a9d91bde881f136892fb6ebc27ee8b4696f41eb0ab9f71ab0c41
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14b2941f828287cedba9021f40e5ffd7134bc81a7fa9f8c95babbfed79eee414
1c2cd2a9b3696372f871464701c206fbbd7f47d1e5e86f019193252cc3ea30ca
1dc4b36750fc5fc71e1442d87be9b778c3abebe198ee3035c5edfe70afdfe028
1dd1a6a145e1ea2750d60fd2f3de8e823197e98eba48ce407bf5bc471e4ba3a5
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
1f45dbce486353254fefabc7035f57698bb28af5c26aa662c9f53e73fabcbd31
207971b8c98d17783acd3f3703856efed323967819a88a8d66038656a4a1e313
21aa3f9e4b11db12f61782ad96d543f1139642f67673fb8e2c397d748c439f36
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2a9c2c1ed62af7df5e660875151ad5feac5075de9529d8e9be95419c5f514373
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
3c59439b4ea6905545d0a5f41278422ee0d3bb3d370b4b8eaea35f306a9e1f63
40fc26273d69c37f8845fc96f7c44d15c69d3d9bedf64ab35822f5aa76b14879
454f5fb30eb58ad26082a91cb6e22b58636a04e0dadf8c556c37a9502c1d9d01
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
541eeb57ed6441577ff5ffeadc446715eb7b288b5fa7a48d8684d14627852344
547bd68f3066013a77c5a66650f55040f12d51875a76d616d47fffa68b35188e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b149c4ffc31a3051a0867cba79ee30c70822af1abccf0b0222b20a2ce98bc2f
5b74ac1e17b2cc473ffa9a478e389189bf62c3ea88bd02fb66dd494319518fce
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5cbe5580f5146a47c890b75f962c3e8895431a5d8146cdff8504b6a6bd14b137
5fb6d69941da291501efde94bd6471b8388d0f82fc8d19379d7e62f9f37c10c1
5fedd8fffa3ac78628ee74a3fd6896f3142cefd6425040d8c2ad6ea0f9177243
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
650b420a667a11a2aa17d883d25dad93d5a94e1743bda8fb729307c46ccd7f88
65bdb0f68bb734a9ee0412aeb1d9898bd4098339efd43b8356acf19b3d8c3ad5
675835b816c69aaa3e287822cf525921f9204190e3a3b337149a5d925743eece
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
68bc7e5d748ab91b3a03d8bacee76117e6c29899f2432e32852d8b7a2f995d53
6902e79f7c8a801e6c1e25c65fd4dcf30034a12d12dad3286d2f0af4457c9b0c
709932d262282e65073a8940fc09fc3fffbeb13682a8190bf8a1e96fc2c59888
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
747cb3e3d01d3921d418165ca7916a7e94de6e96d2c8167287d52027de68f578
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
78f4d79c2cf0607020708289a6488ef3fa8e0d23a32efc90becc7919a7d8e00a
7fb0c7ff737b4e24b5779966ab33cf471e3902f26e598e3f4e8ea365c370aff9
80066dc21db0442846436f30720749d364ff2c40df3f3551bd93e880fd194977
8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
978d18e8d69ce3671087886a891b26a7c7d9ee8a81a816dcddae04cb167888ca
99fe38b946e11cc323b148f60c64414245b624d876f7a28fe61b3a056134b2e2
9cab1e7fdee9a03c41b3ecb6bded4c65e0402a9d33e5cf13adcdd63347886560
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98e42e3eb993cc80c926236bbdcbfbd4c531f23bc794d51c0f09c74a526f746
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
accdb5a7e1942a13305960a39938a82c56509fc4f9120f29164f2e2844e9e11e
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
adaf81788242f9c48cc12172354c5df3e22fdcbcd2c3979dd83b419bb59e3db7
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aebf0e0d15c0130fbe1375e3d5daff30441efea4c2545cc9f69cea6c13bab3a9
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30a9440e738dae3a0fb460d1d8836f66113d78863686160db005978072a3436
b42332d70fbc2ca77d4b8ad009f9517b22d045e8f22e144f70c748db9ebe4367
b5a45c61d46d9619e549854ecd2a5e5a3c0aea45a42981b7e15492bc971daa3c
c34a8a0b65cf59296a14ec02e7623cceb0c63b85ab93de38758c6390ce451e45
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca244cabb27e7317838760459ff01cc03db11aaaaa4eb97b2a816211deaac16b
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d6bf725bbf0cb0bdcbf6c79181411ae8216e57382582a3018c808394ab4074ff
d80c71bd46edd17ef2cf159b8916c211ddecbd811a83bbf5b5b6de7a0ac50b4c
dad3f4c8cc703adefb2b159c92b455aa4b53b541168c384e630456aabfe7dac6
dbcad81a84a927bc09ce48a5bad9f72b0b0fb161ca68c5922d510c6b2fad46f7
de542657b37e11073132b0bc7f680dfa49f9886228437167097858f44cc828b1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0ad6a51e0f9f057e6af09d8f5fcf91083772c25cec4e477a4b8e5453dc7bd17
e1870c5967c3fcf14346cd5e9668f1bfb95ceb6033994d7e5bfdfeab725708b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59
e60d5a3f3bd4bb6b4b9f033178a2e68a3b780a038da122bf3efc205076e80bc0
e8cd9629175558130b67a65c4b8e75f7ef4726fd4dd5e544d33782f54e55e61e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ef95b3042a40188772fba913faf3582345ea35868a2340b9f0ea1954f2c0b
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f941ce73be54798e5c2a4893eac30dbd212622fe0dfbe1e7442ce8f780e04b6a
faed02a1ee7adf588b64ff3f041802b0bc57333704589e65c426012cddabb22c
fbdd79cac903cbaf80d8f32e9762b334e0779daa018cc745fa0608698b9f5d4b
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital Open in urlscan Pro 35.203.21.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

93 %HTTPS

49 %IPv6

33 Domains

54 Subdomains

42 IPs

3 Countries

1856 kBTransfer

4985 kBSize

34 Cookies

7 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gcp-rc-912-canadianfamilyoffices.gstage.postmedia.digital Open in urlscan Pro
35.203.21.171 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

93 %
HTTPS

49 %
IPv6

33
Domains

54
Subdomains

42
IPs

3
Countries

1856 kB
Transfer

4985 kB
Size

34
Cookies

139 HTTP transactions
2 data transactions