urlscan.io logo urlscan.io
SecurityTrails logo

trk-ca.prltrack.com Open in urlscan Pro
2606:4700:3035::ac43:df31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://reurl.cc/WreObL
Effective URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc...
Submission: On July 20 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 16 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3035::ac43:df31, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk-ca.prltrack.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 12th 2021. Valid for: a year.
This is the only time trk-ca.prltrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 35.185.130.121 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 52.217.85.184 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 178.255.47.116 200088 (ARTNET2)
1 1 20.91.223.9 8075 (MICROSOFT...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 22 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 54.230.163.127 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
40 13
4    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2607:f8b0:4006:81c::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.217.85.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com
gvfcdgtf.s3.us-east-1.amazonaws.com
1    2607:f8b0:4006:820::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:80b::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    178.255.47.116 (Poland)

ASN200088 (ARTNET2, PL)
PTR: v47116.artnet.gda.pl
rathemself.com
1    20.91.223.9 (Gävle, Sweden)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.gauchlead.com
1    2606:4700:3031::6815:28fa (United States)

ASN13335 (CLOUDFLARENET, US)
trk.wawug.com
22    2606:4700:3035::ac43:df31 (United States)

ASN13335 (CLOUDFLARENET, US)
trk-ca.prltrack.com
cdn-ca.prltrack.com
trk.prltrack.com
2    2607:f8b0:4006:81d::200a (New York, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    54.230.163.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-127.ewr53.r.cloudfront.net
openfpcdn.io
1    2600:9000:21da:4800:2:49a2:4500:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets3.lottiefiles.com
Apex Domain
Subdomains		 Transfer
22 prltrack.com
trk-ca.prltrack.com
cdn-ca.prltrack.com
trk.prltrack.com
285 KB
4 reurl.cc
reurl.cc — Cisco Umbrella Rank: 238970
2 KB
2 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 25336
13 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 737
32 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 303
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
33 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
1 lottiefiles.com
assets3.lottiefiles.com — Cisco Umbrella Rank: 165601
2 KB
1 wawug.com
trk.wawug.com
803 B
1 gauchlead.com
www.gauchlead.com
612 B
1 rathemself.com
rathemself.com
309 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 7542
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
501 B
1 amazonaws.com
gvfcdgtf.s3.us-east-1.amazonaws.com
590 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
397 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
437 B
40 16
Domain Requested by
12 cdn-ca.prltrack.com trk-ca.prltrack.com
8 trk.prltrack.com cdn-ca.prltrack.com
4 reurl.cc reurl.cc
2 openfpcdn.io 1 redirects trk-ca.prltrack.com
2 maxcdn.bootstrapcdn.com trk-ca.prltrack.com
2 ajax.googleapis.com trk-ca.prltrack.com
2 trk-ca.prltrack.com 1 redirects gvfcdgtf.s3.us-east-1.amazonaws.com
2 connect.facebook.net reurl.cc
connect.facebook.net
2 www.google-analytics.com reurl.cc
www.google-analytics.com
1 assets3.lottiefiles.com trk-ca.prltrack.com
1 trk.wawug.com 1 redirects
1 www.gauchlead.com 1 redirects
1 rathemself.com 1 redirects
1 www.google.ca
1 www.google.com
1 gvfcdgtf.s3.us-east-1.amazonaws.com reurl.cc
1 www.facebook.com reurl.cc
1 stats.g.doubleclick.net www.google-analytics.com
40 18

This site contains no links.

Subject Issuer Validity Valid
reurl.cc
R3		 2022-05-25 -
2022-08-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-29 -
2022-07-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-12 -
2022-11-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.lottiefiles.com
Amazon		 2021-10-26 -
2022-11-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Frame ID: 0E7036B707EF11D13427507A38122468
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Win a $500 Gift Card

Page URL History Show full URLs

  1. https://reurl.cc/WreObL Page URL
  2. https://gvfcdgtf.s3.us-east-1.amazonaws.com/yhtgfrcd.html Page URL
  3. http://rathemself.com/t/euv25x0z3/r03220755x537x84579x74617592x3899635x82947b0x7525958 HTTP 302
    https://www.gauchlead.com/4NB7FCF/RRXJ6GS/?creative_id=10733&sub1=928_5570_97548_735&sub2=43465124&sub... HTTP 302
    https://trk.wawug.com/4167006f-5b4b-d642-676c-79f86bc5dffe?transaction_id=4e5e0e8a2f1e428e9b2a1709... HTTP 302
    https://trk-ca.prltrack.com/campaign/42ca0c5a8d5cd44c57946df2e6fc145dfd89156d?transaction_id=4e5e0e8a2f1... HTTP 302
    https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

69 %
IPv6

16
Domains

18
Subdomains

13
IPs

4
Countries

450 kB
Transfer

1333 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reurl.cc/WreObL Page URL
  2. https://gvfcdgtf.s3.us-east-1.amazonaws.com/yhtgfrcd.html Page URL
  3. http://rathemself.com/t/euv25x0z3/r03220755x537x84579x74617592x3899635x82947b0x7525958 HTTP 302
    https://www.gauchlead.com/4NB7FCF/RRXJ6GS/?creative_id=10733&sub1=928_5570_97548_735&sub2=43465124&sub3=8595257_5369983 HTTP 302
    https://trk.wawug.com/4167006f-5b4b-d642-676c-79f86bc5dffe?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&aff_sub= HTTP 302
    https://trk-ca.prltrack.com/campaign/42ca0c5a8d5cd44c57946df2e6fc145dfd89156d?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&aff_sub=&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS HTTP 302
    https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://openfpcdn.io/fingerprintjs/v3 HTTP 302
  • https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
WreObL
reurl.cc/ 		602 B
604 B 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/WreObL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
988b0b7c7b938a6c116d296ca685fc5d4a8b5bbb5b0852f0e0333ca31cd6271d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 21:55:45 GMT
server
nginx/1.18.0 (Ubuntu)
target
https://gvfcdgtf.s3.us-east-1.amazonaws.com/yhtgfrcd.html#/t/euv25x0z3/r03220755x537x84579x74617592x3899635x82947b0x7525958
vary
Accept-Encoding
ga.js
reurl.cc/javascripts/ 		382 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/WreObL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f72126d2e60ad5f3b162e550ffc8ac968451b1391e5619332d1e6873bdd5190d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/WreObL
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:45 GMT
content-encoding
gzip
last-modified
Sun, 08 May 2022 03:38:29 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62773b35-17e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 20 Jul 2023 21:55:45 GMT
pixel.js
reurl.cc/javascripts/ 		470 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/WreObL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/WreObL
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:45 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-1d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 20 Jul 2023 21:55:45 GMT
redirect.js
reurl.cc/javascripts/ 		192 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/redirect.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/WreObL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
31e04833b168c92456b325b00642c7b3e04b82dc8ed6fbebdef5bc96de5b1360

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/WreObL
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:45 GMT
content-encoding
gzip
last-modified
Sun, 08 May 2022 03:38:29 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62773b35-c0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 20 Jul 2023 21:55:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3204
date
Wed, 20 Jul 2022 21:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Jul 2022 23:02:21 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
cFci0vRpcxnZpuf48J6z8ZjCoUTwQR7hseWc02dFANo+cZbt0h+ZcUT5IGY1qQQFHUobZzv5DWPjq7UJSWiV0w==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 21:55:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=806906122&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FWreObL&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=622146062&gjid=594713197&cid=722839152.1658354146&tid=UA-102456694-1&_gid=506808063.1658354146&_r=1&_slc=1&z=1873858286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 21:55:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a04fb721ddf269db6e25f6d833d90eb0149439123e26229ff9ac0a2d82cfedaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7102
x-xss-protection
0
pragma
public
x-fb-debug
qqQlrolAfE0Kei2qHBVrfFiF2sBMYgrZFyfjkLNwBcF+UTRWdV/clXGs6ww7hR6SDU0mYQrOd8MoFsseteNLCQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Wed, 20 Jul 2022 21:55:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=722839152.1658354146&jid=622146062&gjid=594713197&_gid=506808063.1658354146&_u=IEBAAEAAAAAAAC~&z=1754823133
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Jul 2022 21:55:45 GMT
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FWreObL&rl=&if=false&ts=1658354145723&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=28&fbp=fb.1.1658354145722.2072723348&it=1658354145689&coo=false&exp=u0&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/WreObL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 20 Jul 2022 21:55:45 GMT
yhtgfrcd.html
gvfcdgtf.s3.us-east-1.amazonaws.com/ 		234 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gvfcdgtf.s3.us-east-1.amazonaws.com/yhtgfrcd.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/redirect.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.85.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
234
Content-Type
text/html
Date
Wed, 20 Jul 2022 21:55:46 GMT
ETag
"a919af1da665de0bb236d012819d1acd"
Last-Modified
Wed, 20 Jul 2022 16:39:57 GMT
Server
AmazonS3
x-amz-id-2
X9rB1nlgxm9waRDXtNpWr30PnCq3tEnI08FM0cPP+5KK19QOuiB233d62scy/UFAMKwswERPV/o=
x-amz-request-id
V89DNJ1NT2Y1JQQQ
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=722839152.1658354146&jid=622146062&_u=IEBAAEAAAAAAAC~&z=182168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 21:55:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=722839152.1658354146&jid=622146062&_u=IEBAAEAAAAAAAC~&z=182168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 21:55:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request loader_only.php
trk-ca.prltrack.com/
Redirect Chain
  • http://rathemself.com/t/euv25x0z3/r03220755x537x84579x74617592x3899635x82947b0x7525958
  • https://www.gauchlead.com/4NB7FCF/RRXJ6GS/?creative_id=10733&sub1=928_5570_97548_735&sub2=43465124&sub3=8595257_5369983
  • https://trk.wawug.com/4167006f-5b4b-d642-676c-79f86bc5dffe?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&aff_sub=
  • https://trk-ca.prltrack.com/campaign/42ca0c5a8d5cd44c57946df2e6fc145dfd89156d?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&aff_sub=&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ3...
  • https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&...
605 KB
110 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Requested by
Host: gvfcdgtf.s3.us-east-1.amazonaws.com
URL: https://gvfcdgtf.s3.us-east-1.amazonaws.com/yhtgfrcd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
7fe6b3df98a3776cf6e7605bda27f150e9834293708c73805b6d20fe4b3f8901

Request headers

Referer
https://gvfcdgtf.s3.us-east-1.amazonaws.com/yhtgfrcd.html#/t/euv25x0z3/r03220755x537x84579x74617592x3899635x82947b0x7525958
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
72def1748856ecf6-YUL
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 21:55:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEWLO03hdJimhwAc6D5zaih%2BkHZFME7ECshoQYRQTtgh6BgVApSBddy6%2BeAaqnziR%2BRyhVqfO3FSYhhoqYkm5%2BC917u%2BLMpssiBuFGdBr69XYnv5sXaWqngnuJ7dzkthPNUnembxTwIZ4vnnjJABLtqP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
72def170cf9e7142-YUL
content-type
text/html
date
Wed, 20 Jul 2022 21:55:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbR7XvvSNR1YXUR0Yz2SoZ7%2BnqJ85os5hOyqZ555OELrqFoBBggIKlfOZSkuRT6kWuUvOkGClKil8J88BKagyvUBabtHGClRI%2F9JUXcQxxNQKV4AMCc89flCuUcm1PfPkvNhR5ZEp4RWY81eSAHAsQqP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 17 Jul 2022 17:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:17:46 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
age
7644723
cdn-cachedat
2021-03-10 13:26:25
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
30724c3080e13e93e372b6fc9e9e136c
cdn-requestcountrycode
US
cf-ray
72def175ca7e714a-YUL
cdn-cache
HIT
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 11:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 11:15:00 GMT
mammoth.js
cdn-ca.prltrack.com/global-scripts/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ca.prltrack.com/global-scripts/js/mammoth.js
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
22ddc1f65d247fa712cf73403f5f9c854bd9e5bb297af34a5feb7f5bb69b25b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 20:01:48 GMT
server
cloudflare
age
6840
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoD9OE4SjUORTiWB9vMloOdcNAKkexFvhi7nZYMwT%2FmWYfb4buEWZtG57pKf1St2JWwJLshoZs9JrXfT7k143jhUajnDiqb49mPROIoEtiUw9aG7ui%2F8cC%2F66wtUurzorb%2BwA6qaSrGJjo3DX3rA1iKB"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72def175b86f7142-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
backLink.js
cdn-ca.prltrack.com/global-scripts/js/function/ 		299 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ca.prltrack.com/global-scripts/js/function/backLink.js
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267a2b422d712312507e2883bffbf834b45c545d5997a23551a3e426d70b85f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Jul 2021 11:47:12 GMT
server
cloudflare
age
6840
etag
W/"12b-5c73c25fe27e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDY0NOhZdS88FaMoX7m1PNCBmwh3p7BBIVPOvwN7evJD2teU4SyIXkIA%2F6WVArVfsa2diuNDb2LoS5r9Uo4RdsDsnypFTDb%2BOePrpucs6ClPS27aiTO27RUjG0qv65l4ZJjRnQ%2FQ2L%2Bcgx%2BvqCO3AuIg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72def175b8707142-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mobile-card.png
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/mobile-card.png
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116ca4263d1f6403303ae32d224ef0813bbf60d2e8f4e8331a022bbfd98afd96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36964
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"9064-5d5f2e0ae16ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79mZItetKEudbl6JOWIP%2BATigF2B1G%2Bhcixm09Dbrtaj58zzIQv8dS0g4S6tGvPWY%2FMFyZKT9S1I%2F46QVqZPLxn8oteNPY4tXdmseW7Aib5RZ%2BpTojbmDO8w484rGj1Ru8uobKmYcPT2TOz629CfsDxN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1762a4aecf6-YUL
clock.svg
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/clock.svg
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7080e089dab3a0ae988d8605e0228194997e26bbb43079ac5772315032c966a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
age
6839
etag
W/"53e-5d5f2e0ae074e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hOwKvST8hUZ7n7cBpjM38IcL9P1cU0s%2FSZZQxLiJJZ4YrcPUs3RaXkqLWW0Mq2WXn22mJB2T1RT1MbE2u5jsg8UKkIsBEEbOdazO96jivV2XszcVoY4iI2tUg6CcWX%2F1Yc6FHEcnPqbLdO%2FibXXBH%2By"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72def1764a62ecf6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
desktop-card.png
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/desktop-card.png
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2fb257a4fc9af5fbd43ea377e0083ea4cdab1cfd0220efeef15647427876dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83972
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"14804-5d5f2e0ae0f1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99DQkENd%2FhrrrosC72wlWGrTDNFgT9sM6lLYYEQU3Or9efw8d4mbyxjII4V42lg%2FSEsTPJu4ck8CC0E8rSqMMyMXdWBuYUrLIB8dmaXYM4eq4ZMqLObVBTz71cC35x3APIWclrGaxSzfOehBVKo%2FVNIw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1765a72ecf6-YUL
closed-box.png
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/closed-box.png
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84a53df13f2094ee6b1fb232dc55cec44367393035d26e2b5a84b87b9724e63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15738
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"3d7a-5d5f2e0ae0b36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGQMgsP9iv%2B%2BhQwb28LoMEjFC9XWn4YAhVy8F2591nqRNzI0Q5gRwbr4dARKID6K0GmWol9%2FbdGCsPizcGii1SdUhabpIiiof6OpViK%2Bqc04dExFYM%2FfBw3nnqq7SOAGiUNigx8fg5%2B5p5tNX%2BjzWCbL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1765a76ecf6-YUL
esm.min.js
openfpcdn.io/fingerprintjs/v3.3.3/
Redirect Chain
  • https://openfpcdn.io/fingerprintjs/v3
  • https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js
31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H2
Server
54.230.163.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-127.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
66ca1643eabf887594645c58317ad8c2d37b8cb7e9266a9a7a0f54dd826162c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 27 May 2022 05:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
CloudFront
age
4725966
etag
W/"okl+saWiuE9FSJqFFzOOURi4+hA"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=32664125
x-amz-cf-pop
EWR53-C3
vary
Accept-Encoding
x-amz-cf-id
CzTm2Wh5wsq5W2Ch209f-39uHQLdYCpJwzOKX6sVPt2qRwo36NjS8A==
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)

Redirect headers

date
Wed, 20 Jul 2022 21:26:21 GMT
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
server
CloudFront
age
1767
location
/fingerprintjs/v3.3.3/esm.min.js
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
public, max-age=623717, s-maxage=3627
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
GXXdsOdsPAR1z9k3o0sK5P__IC3DdOa-6hpT3xesw04YRI025RIjLw==
amelie.jpg
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/amelie.jpg
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2463821cc552f6cbdfa344c0e82aa204d77fb8eadd1c12913b759c8000d54b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4297
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"10c9-5d5f2e0ae074e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfay639NqLmnvXSTmGdnrxJkLYhJ%2FMvMYch%2BushPjgFVVtNPvAuTqpndo9a%2FSzoT9m5PdKIr5IDniynklM8lpOyyNwe6xsKwVw1dFxe4oLWErDTho6SDQRCJCm3jXScY%2F6QY1WKedvBZ%2FDhkykoKPs%2BI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1769ac8ecf6-YUL
verified.png
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/verified.png
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8047
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"1f6f-5d5f2e0ae16ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIpmKGqEYSb62U2mWGau9s2zkSTcouQzhbqNEE1TfRk0y9catdZcHpGBaFMxJp2KEUacjPGY5119j%2FfqldpnO18LDPwqj4%2B4R4%2F5giuqde%2FHlYxm8uB1YfNVLkn1vL1GfsPv0ekRTx1EqJOIzyNmEAu6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1769acaecf6-YUL
5-stars.png
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/5-stars.png
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01244be753151d3f79f3fcb8ee8890e0f1f0c4a7c973381055211ac08fcea5e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1865
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"749-5d5f2e0ae074e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQcP8rjBQoXHDbhaINvV8sSXJiuWIOnYdPTDp%2Br%2BEA12lsHou9uVlJPPro9HaZ5pFCq78JGEbyjc%2Bgypq%2FoPvWyJ1zhZjB%2FjmjLxlWeL%2BrbKV4yx8b0f0bGIsCBWBuEI4O8LzzZm2XvbMkIYx6ByupGo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1769accecf6-YUL
braxton.jpg
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/braxton.jpg
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0f80927c000d935bd357d2d6228ae77455cb3fa92da6839c3b7b0ae53683cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5769
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"1689-5d5f2e0ae074e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra0vVdDbt3i21DLnIwdl4Rni%2FmcPqKSSYozcbVWu2CUHrmRShi8s3PiGzvMBcOEH2bpNW4qBeoYhZFAj5L1sVv9pS9UdHeYHqan9CcXEHp0Hczrad4r9LOyg7Qs4Nfcs2yDPJuqAr8E55UDm8VtCuYvh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1769acdecf6-YUL
sophia.jpg
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/sophia.jpg
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad1a92f03bbfcebe1b09431ade4f8206cb0c5f8fe56033c4f3f944f5fc4c173

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3740
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"e9c-5d5f2e0ae16ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zsNaNXdKDvldHO2p1j6N5cqL9FmZV2RRZhCZ1otI0pwqtACyT%2BX3BU0lEk03TVPIQYt%2BaA%2BnxxBZ98D7Y%2BUmdlTh4gOWVkTB%2BCvjtJXndlOugm6Wf2TxJXqgewrx%2Fhrhqksj9MilncrLJGCnhakz3gQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1769aceecf6-YUL
david.jpg
cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ca.prltrack.com/prelanders/ca/tim/survey/img/david.jpg
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee73f2f911f967739098eb4f3feeeab1912c1bf3d4171a32e81b6b7a3cb47816

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5360
last-modified
Wed, 19 Jan 2022 17:40:11 GMT
server
cloudflare
etag
"14f0-5d5f2e0ae0b36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4LMPe00SXe1jo0JjeM7AtWkJDgn6btoWfxJdm47lIapfuM185KiVVIuU2dcrogK6eG6R4pKeP46nrMsdw0Re92tVAc%2F9%2B11zc5r9DoXEEF3ipPS8DYmQP6GG0ef479mb0IO%2FFfyhC1oIjwbToA18c1t"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72def1769acfecf6-YUL
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Jul 2022 21:55:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
7644723
cdn-cachedat
2021-03-10 13:26:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0bb80ad404593adbe9e0f3806c6b09fd
cf-ray
72def176bbb37139-YUL
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
/
trk.prltrack.com/api/logger/session_attribute/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/session_attribute/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.prltrack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72def1783ed44bcb-YUL
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 21:55:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThBbZhx94FMk1Kep%2BVc%2FujrtDdFFJ6HkM%2BbUdcPYgjWR7SlfM7sFlyXMvOpPH8k3RXVx8NaLJ74fzjkXQSKLAQIEL%2FeRMNRb0qkGjKWxEz%2Fxy0ZOT2E9AOYos1I8srDz0vl1H2%2BDHDtsJ2o%2BFzPK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.prltrack.com/api/logger/session_attribute/ 		70 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/session_attribute/
Requested by
Host: cdn-ca.prltrack.com
URL: https://cdn-ca.prltrack.com/global-scripts/js/mammoth.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
a91093416ab61b13d9409cf34b1f7f97276d2d6cfe2e3f07a35c6499053d3454

Request headers

Referer
https://trk-ca.prltrack.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type
application/json

Response headers

date
Wed, 20 Jul 2022 21:55:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsGD9U5wf%2FljWH%2FoYLdsnXGOToUax2ghiBNVwqYHsnE%2B68ii%2FlwsRIOqNNj%2FSzpaDH9X31umAfNJd9UKRXFGA%2FWTGHKECtHaJp7WHCT%2F4TDyKJiInkFXxlTXfblqeHhJa0NKreyLS14%2FrOitTKel"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
72def17978f2ca57-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
trk.prltrack.com/api/logger/generic_log/ 		50 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/generic_log/
Requested by
Host: cdn-ca.prltrack.com
URL: https://cdn-ca.prltrack.com/global-scripts/js/mammoth.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
276ed4343b256e3f9992d314d6da0f1807fee7cefbfd7a9cd83a0cc7e96ea65e

Request headers

Referer
https://trk-ca.prltrack.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type
application/json

Response headers

date
Wed, 20 Jul 2022 21:55:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jx5pv1uIuwC3iADziCzElcGgXVfeutjSEzQDs9y6kThnRoi1DQ9kJz512BBzXBdbaEpe4OSgHccHcWaYdanVMUsFNSdd8yBg1YztPafp0ggIMR28vdCwCNx7m6aaOwvSAZ6KHDuBkJUSf3Ssj9S"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
72def17978e6ca57-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
trk.prltrack.com/api/logger/generic_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/generic_log/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.prltrack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72def1783ed74bcb-YUL
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 21:55:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbJdwXSvbpDrkvu4Fq3JhtxknZhiD8C6hWji7akHAdAHyYWDw332lY1%2BGSHOhwuVILT%2FfRbnrE8TxP4wKh8tsI8GV1rDk7UAE9kTRhoIWiiqnKolobXKs8fMsXLXhNMcLGYxvVtW3vrk4w3qS0ID"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.prltrack.com/api/logger/post_interaction/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/post_interaction/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.prltrack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72def1786f394bcb-YUL
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 21:55:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUc94Zlb2BrLhBI2lKmIC6TLgbrX2q5Z8U1RT%2F9TRo%2FQtwUjbk2pFGRSMP%2FZ6UaDN7dan0KqK188DGGSfN9LGOZBt4YQisdwnc%2B79Ucd8F0D%2FGkhXRTxfQtAbI7UF0aCm0y8QxOeXbxF7gXutixG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.prltrack.com/api/logger/post_interaction/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/post_interaction/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.prltrack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72def1786f3c4bcb-YUL
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 21:55:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JRV2iOrJAvKN9frLl3ed%2Bu%2B1tApbSeXekg3gKSuInYVhdkhRMWhXW3CefDddR07A%2Fbwfnbuw9K1FHHAcChwrBwxxVyzHGQo1rdYCiDbTs%2B%2BLY2KDLBqYikqqy9FIN%2BeBr4NjqdvSvq05NJmP1bS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.prltrack.com/api/logger/post_interaction/ 		60 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.prltrack.com
URL: https://cdn-ca.prltrack.com/global-scripts/js/mammoth.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
4b2fa9176cb81af9548de65188edadb5ad1075824b44105bb29d1cd40a94745c

Request headers

Referer
https://trk-ca.prltrack.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type
application/json

Response headers

date
Wed, 20 Jul 2022 21:55:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvMnN3UuJkI%2F084liyefYLFB7T4Os6BtLVy6txJvTJS1ZRZERrpc4GKZ%2FpG49dLDKV5VHq6eB0fdL%2BAPm74sXoqqG1SIRolg%2F3wYZelY8kMOfey6gwUX%2FMdqAkWdrmFXGlDCp3%2B3y24z%2BubGky%2B0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
72def179890fca57-YUL
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
trk.prltrack.com/api/logger/post_interaction/ 		60 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.prltrack.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.prltrack.com
URL: https://cdn-ca.prltrack.com/global-scripts/js/mammoth.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:df31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
6db38728300b111c49a5b4bbe8b27ccb8e175de4bd26cd67a55ac05fbe218690

Request headers

Referer
https://trk-ca.prltrack.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type
application/json

Response headers

date
Wed, 20 Jul 2022 21:55:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra0ozAdRD3ufAmKMek%2BC9fFW9jvffz1j1kDJP%2FdU0zSZW9TuTMXkSvB7%2FOvOGSgpNxQ%2FMgIIrDpT2o2td75eKA4%2BT4CBUcrHmwkBZHlnn6hRK2P0lxiUFLgG27ACiXY4d0K5qHjrTW3wSnCMTNkX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
72def179890aca57-YUL
expires
Thu, 19 Nov 1981 08:52:00 GMT
lf20_NxuRdg.json
assets3.lottiefiles.com/temp/ 		20 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets3.lottiefiles.com/temp/lf20_NxuRdg.json
Requested by
Host: trk-ca.prltrack.com
URL: https://trk-ca.prltrack.com/loader_only.php?transaction_id=4e5e0e8a2f1e428e9b2a17091e3de023&aff_id=2276&sl1=5e190053-3445-dc4a-fd1a-007eee3acb35&sl2=ZDdZ395Q&sl3=8h6kkCL7&sl4=U8HIPzuS&rc=R-CT-P-SC&pl=688619671&pc_session_id=ps9qtobnqo1aqc9khd2q8qd8i2-32809&sid=ps9qtobnqo1aqc9khd2q8qd8i2-32809&pc_synd_id=tim_ccr_ca_a1_sh375_pp_s_biz&partner=tim_ccr_ca_a1_sh375_pp_s_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:4800:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.prltrack.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
XpGQn9jTqdCH_09IHXy3AQYee1_F_s91
content-encoding
gzip
etag
W/"1b4e549cdda1e3a3e3f75846ec48beea"
age
200
x-cache
Hit from cloudfront
access-control-max-age
1800
access-control-allow-origin
*
last-modified
Wed, 03 Apr 2019 15:01:36 GMT
server
AmazonS3
date
Wed, 20 Jul 2022 21:55:49 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
via
1.1 988ebab315003cc8902437cbdd7de09e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
yncwWtTN1EPSB0xiCYl6BQZIulBHSu89HalVHyGaaI61uwfDQ8Qs_Q==

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| Logger function| warn function| error string| fpjs string| baseUrl object| warn_log function| _warn_log object| error_log function| _erro_log string| bckLink string| agent string| manufacturer boolean| box_ini function| asdf function| datehax string| portal string| theme string| template string| brand_country object| dayNames object| monthNames string| img_regalo string| minutos_y string| segundos string| url_f object| modalOptions object| adS function| stepfinal function| goToUrlFinish function| getBrowser function| getPlatform object| boxRoot number| count number| intentos boolean| puedo number| attempts object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| parcelRequire

6 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga
Value: GA1.2.722839152.1658354146
.reurl.cc/ Name: _gid
Value: GA1.2.506808063.1658354146
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1658354145722.2072723348
trk.wawug.com/ Name: PHPSESSID
Value: hajn5or5q2hd26ra0mvdp9neg2
trk-ca.prltrack.com/ Name: PHPSESSID
Value: ps9qtobnqo1aqc9khd2q8qd8i2-32809

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets3.lottiefiles.com
cdn-ca.prltrack.com
connect.facebook.net
gvfcdgtf.s3.us-east-1.amazonaws.com
maxcdn.bootstrapcdn.com
openfpcdn.io
rathemself.com
reurl.cc
stats.g.doubleclick.net
trk-ca.prltrack.com
trk.prltrack.com
trk.wawug.com
www.facebook.com
www.gauchlead.com
www.google-analytics.com
www.google.ca
www.google.com
178.255.47.116
20.91.223.9
2600:9000:21da:4800:2:49a2:4500:93a1
2606:4700:3031::6815:28fa
2606:4700:3035::ac43:df31
2606:4700::6812:acf
2607:f8b0:4004:c07::9d
2607:f8b0:4006:80b::2003
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2004
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
35.185.130.121
52.217.85.184
54.230.163.127
01244be753151d3f79f3fcb8ee8890e0f1f0c4a7c973381055211ac08fcea5e4
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
116ca4263d1f6403303ae32d224ef0813bbf60d2e8f4e8331a022bbfd98afd96
22ddc1f65d247fa712cf73403f5f9c854bd9e5bb297af34a5feb7f5bb69b25b2
267a2b422d712312507e2883bffbf834b45c545d5997a23551a3e426d70b85f1
276ed4343b256e3f9992d314d6da0f1807fee7cefbfd7a9cd83a0cc7e96ea65e
2e2463821cc552f6cbdfa344c0e82aa204d77fb8eadd1c12913b759c8000d54b
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af
31e04833b168c92456b325b00642c7b3e04b82dc8ed6fbebdef5bc96de5b1360
4b2fa9176cb81af9548de65188edadb5ad1075824b44105bb29d1cd40a94745c
66ca1643eabf887594645c58317ad8c2d37b8cb7e9266a9a7a0f54dd826162c0
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6db38728300b111c49a5b4bbe8b27ccb8e175de4bd26cd67a55ac05fbe218690
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
6f0f80927c000d935bd357d2d6228ae77455cb3fa92da6839c3b7b0ae53683cc
7080e089dab3a0ae988d8605e0228194997e26bbb43079ac5772315032c966a2
7fe6b3df98a3776cf6e7605bda27f150e9834293708c73805b6d20fe4b3f8901
8ad1a92f03bbfcebe1b09431ade4f8206cb0c5f8fe56033c4f3f944f5fc4c173
988b0b7c7b938a6c116d296ca685fc5d4a8b5bbb5b0852f0e0333ca31cd6271d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a04fb721ddf269db6e25f6d833d90eb0149439123e26229ff9ac0a2d82cfedaf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a84a53df13f2094ee6b1fb232dc55cec44367393035d26e2b5a84b87b9724e63
a91093416ab61b13d9409cf34b1f7f97276d2d6cfe2e3f07a35c6499053d3454
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ea2fb257a4fc9af5fbd43ea377e0083ea4cdab1cfd0220efeef15647427876dc
ee73f2f911f967739098eb4f3feeeab1912c1bf3d4171a32e81b6b7a3cb47816
f72126d2e60ad5f3b162e550ffc8ac968451b1391e5619332d1e6873bdd5190d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d