o.canada.com Open in urlscan Pro
34.111.249.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.canada.com/click/63daa8193985a237c1ad1924/aHR0cDovL3d3dy5jYW5hZGEuY29tL2Fib3V0dXMvY29weXJpZ2h0Lmh0bWw/5de29...
Effective URL:
https://o.canada.com/aboutus/copyright.html
Submission: On October 04 via api (October 4th 2023, 1:58:34 pm UTC) from LU — Scanned from DE

Summary HTTP 120 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 33 domains to perform 120 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is o.canada.com.
TLS certificate: Issued by GTS CA 1D4 on October 4th 2023. Valid for: 3 months.

This is the only time o.canada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.222.82.214 3.222.82.214	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.111.67.160 34.111.67.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.111.249.109 34.111.249.109	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
2	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.78.67 13.225.78.67	16509 (AMAZON-02) (AMAZON-02)
21	34.117.54.29 34.117.54.29	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:e6:... 2606:4700:e6::ac40:cf09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.103 18.66.112.103	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:5eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.224.24.192 34.224.24.192	14618 (AMAZON-AES) (AMAZON-AES)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
4	18.185.12.185 18.185.12.185	16509 (AMAZON-02) (AMAZON-02)
8	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
5	2600:9000:223... 2600:9000:223c:2600:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 4	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
4	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
5	34.149.157.221 34.149.157.221	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
3	2600:1f18:44f... 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:325a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.66.74 65.9.66.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.48 18.66.112.48	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	18.212.0.191 18.212.0.191	14618 (AMAZON-AES) (AMAZON-AES)
2	162.55.144.217 162.55.144.217	24940 (HETZNER-AS) (HETZNER-AS)
120	43

1 3.222.82.214 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-82-214.compute-1.amazonaws.com

link.canada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.67.160 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.67.111.34.bc.googleusercontent.com

www.canada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com

o.canada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-67.fra2.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com

dcs-static.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fem.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cf09 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-103.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)

auth.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.224.24.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-24-192.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com

postmedia.hub.loginradius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googlesync.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223c:2600:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com

smartcdn.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-74.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.212.0.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-0-191.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.144.217 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy05.cl03.het.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	postmedia.digital dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 217340 fem.gprod.postmedia.digital — Cisco Umbrella Rank: 256349 smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 157272	312 KB
9	permutive.com api.permutive.com — Cisco Umbrella Rank: 2885 cdn.permutive.com — Cisco Umbrella Rank: 3714 googlesync.permutive.com — Cisco Umbrella Rank: 11010	39 KB
8	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 8541 identity.mparticle.com — Cisco Umbrella Rank: 2944 jssdks.mparticle.com — Cisco Umbrella Rank: 5788	100 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	556 KB
6	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	161 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
5	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 15714	211 KB
5	canada.com 3 redirects link.canada.com www.canada.com o.canada.com	46 KB
4	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 16148 i.viafoura.co — Cisco Umbrella Rank: 16224	4 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 239	3 KB
4	loginradius.com postmedia.hub.loginradius.com — Cisco Umbrella Rank: 252539	1 KB
4	lrcontent.com auth.lrcontent.com — Cisco Umbrella Rank: 102668 config.lrcontent.com — Cisco Umbrella Rank: 26127	97 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 404 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945	67 KB
3	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5281 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6729 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 8669	19 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 8814	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3974	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	659 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4245 p1.parsely.com — Cisco Umbrella Rank: 3408	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
2	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 11072	46 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 4930	128 B
2	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3869 ads.rubiconproject.com — Cisco Umbrella Rank: 2681	262 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	2 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 360	571 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662	17 KB
1	permutive.app 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 259574	135 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 5109	33 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 9699	3 KB
1	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 5439	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
0	prmutv.co Failed 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co Failed
120	33

	Domain	Requested by
17	dcs-static.gprod.postmedia.digital	o.canada.com dcs-static.gprod.postmedia.digital
8	www.googletagmanager.com	fem.gprod.postmedia.digital jssdkcdns.mparticle.com www.googletagmanager.com o.canada.com www.google-analytics.com
7	api.permutive.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
5	smartcdn.gprod.postmedia.digital	o.canada.com
5	cdn.viafoura.net	fem.gprod.postmedia.digital cdn.viafoura.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com o.canada.com
4	identity.mparticle.com	jssdkcdns.mparticle.com
4	sb.scorecardresearch.com	1 redirects fem.gprod.postmedia.digital o.canada.com
4	postmedia.hub.loginradius.com	fem.gprod.postmedia.digital auth.lrcontent.com
4	fem.gprod.postmedia.digital	o.canada.com fem.gprod.postmedia.digital
3	jssdks.mparticle.com	jssdkcdns.mparticle.com
3	api.viafoura.co	cdn.viafoura.net
3	fonts.gstatic.com	fonts.googleapis.com
3	c.amazon-adsystem.com	o.canada.com c.amazon-adsystem.com
2	events.newsroom.bi	sdk.mrf.io
2	config.lrcontent.com	auth.lrcontent.com
2	www.google.de	o.canada.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	o.canada.com connect.facebook.net
2	sdk.mrf.io	o.canada.com sdk.mrf.io
2	cm.g.doubleclick.net	2 redirects
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	auth.lrcontent.com	o.canada.com cdn.viafoura.net
2	securepubads.g.doubleclick.net	o.canada.com securepubads.g.doubleclick.net
2	o.canada.com	dcs-static.gprod.postmedia.digital
2	www.canada.com	2 redirects
1	i.viafoura.co	cdn.viafoura.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.com	o.canada.com
1	www.facebook.com	o.canada.com
1	region1.analytics.google.com	www.googletagmanager.com
1	p1.parsely.com	o.canada.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	cdn.parsely.com	www.googletagmanager.com
1	get.s-onetag.com	www.googletagmanager.com
1	cdn.jsdelivr.net	micro.rubiconproject.com
1	ads.rubiconproject.com	micro.rubiconproject.com
1	jssdkcdns.mparticle.com	fem.gprod.postmedia.digital
1	googlesync.permutive.com	o.canada.com
1	cdn.permutive.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	ib.adnxs.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	secure.cdn.fastclick.net	o.canada.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	fem.gprod.postmedia.digital
1	ak.sail-horizon.com	o.canada.com
1	www.npttech.com	o.canada.com
1	cdn.adsafeprotected.com	o.canada.com
1	micro.rubiconproject.com	o.canada.com
1	fonts.googleapis.com	o.canada.com
1	link.canada.com	1 redirects
0	23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co Failed	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
120	52

This site contains links to these domains. Also see Links.

Domain
nationalpost.com
www.remembering.ca
www.working.com
shopping.canada.com
classifieds.canada.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.postmediasolutions.com
adregistry.postmedia.com
www.postmedia.com

Subject Issuer	Validity	Valid
canada.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-22` - `2024-06-19`	a year	crt.sh
gprod.postmedia.digital GTS CA 1D4	`2023-09-04` - `2023-12-03`	3 months	crt.sh
npttech.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.loginradius.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-29` - `2023-12-15`	a year	crt.sh
api.permutive.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
viafoura.com Amazon RSA 2048 M02	`2023-08-08` - `2024-09-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-05-02` - `2024-06-02`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-05-08` - `2024-06-08`	a year	crt.sh
jssdks.mparticle.com Go Daddy Secure Certificate Authority - G2	`2022-09-15` - `2023-10-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-13` - `2023-10-11`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ssl03.cert.cl03.k8s.mrf.io R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://o.canada.com/aboutus/copyright.html
Frame ID: D235595901EA9D9E10CCCFB900E056CD
Requests: 111 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v87.0/xd.html
Frame ID: F432D0BF62242B88E00C90F150D47F64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canada.ComCanada.comUser

Page URL History Show full URLs

https://link.canada.com/click/63daa8193985a237c1ad1924/aHR0cDovL3d3dy5jYW5hZGEuY29tL2Fib3V0dXMvY29we... HTTP 302
http://www.canada.com/aboutus/copyright.html HTTP 301
https://www.canada.com/aboutus/copyright.html HTTP 301
https://o.canada.com/aboutus/copyright.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

120
Requests

96 %
HTTPS

44 %
IPv6

33
Domains

52
Subdomains

43
IPs

5
Countries

2302 kB
Transfer

9197 kB
Size

32
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://nationalpost.com/nyt-puzzle/
Title: New York Times Crossword

Search URL Search Domain Scan URL

URL: https://nationalpost.com/puzzles/
Title: Puzzles

Search URL Search Domain Scan URL

URL: https://nationalpost.com/comics/
Title: Comics

Search URL Search Domain Scan URL

URL: https://nationalpost.com/advice/
Title: Advice

Search URL Search Domain Scan URL

URL: https://www.remembering.ca/
Title: Remembering

Search URL Search Domain Scan URL

URL: https://www.remembering.ca/select-notice-type/
Title: Place a Notice

Search URL Search Domain Scan URL

URL: https://www.working.com/
Title: Working

Search URL Search Domain Scan URL

URL: https://shopping.canada.com/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://classifieds.canada.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.facebook.com/canada.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/CanadaDotCom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/canadacomvideo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/canadadotcom/

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.canada.com/click/63daa8193985a237c1ad1924/aHR0cDovL3d3dy5jYW5hZGEuY29tL2Fib3V0dXMvY29weXJpZ2h0Lmh0bWw/5de29ce7e8a48112383930d2B5e5f119b/ HTTP 302
http://www.canada.com/aboutus/copyright.html HTTP 301
https://www.canada.com/aboutus/copyright.html HTTP 301
https://o.canada.com/aboutus/copyright.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979&google_tc= HTTP 302
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBZIFu0pAslXtOataJKMg54&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979&google_cver=1

Request Chain 118

https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

120 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request copyright.html Show response
o.canada.com/aboutus/
Redirect Chain

https://link.canada.com/click/63daa8193985a237c1ad1924/aHR0cDovL3d3dy5jYW5hZGEuY29tL2Fib3V0dXMvY29weXJpZ2h0Lmh0bWw/5de29ce7e8a48112383930d2B5e5f119b/
http://www.canada.com/aboutus/copyright.html
https://www.canada.com/aboutus/copyright.html
https://o.canada.com/aboutus/copyright.html

131 KB
26 KB

314ms
280ms

Document
text/html

34.111.249.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

109.249.111.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

a0dd8bd4b802182d8625c59939cb9fbb2b0f75975c0557296ca11b26bd4bb464

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 13:58:27 GMT
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time: 179
x-frame-options: SAMEORIGIN
x-pmd-backend: pmd-nginx-proxy-8499bb5fb9-kgz77

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 13:58:27 GMT
location: https://o.canada.com/aboutus/copyright.html

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 45ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 13:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 13:58:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 13:58:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 89ms
60ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

176ad5eb0be655837d8a5b01f34e37af26d2affb609918711464ee35ec20989f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29410
x-xss-protection: 0
server: cafe
etag: 180 / 19634 / 31078458 / config-hash: 15172790911108097760
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 13:58:27 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 66ms
6ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:30:29 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified: Thu, 21 Sep 2023 19:18:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1679
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: lOxw18zpOIhY0KDfomfgh6EoqEuEGaWpfDTGA2S11GDy_ZRbMt7D1A==

GET
H2 200 14648.js Show response
micro.rubiconproject.com/prebid/dynamic/ 2 MB
255 KB 507ms
163ms Script
text/javascript 23.212.211.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-211-47.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 542dd642e2f1026f243935bca3147e0bba7b68d8d783a3c82cb4f5cd5396404b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-14648_postmedia_pbjs.js
content-type: text/javascript;charset=UTF-8
cache-control: public, must-revalidate, max-age=14400
content-length: 260689
expires: Thu, 05 Oct 2023 12:20:58 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 70ms
11ms Script
application/javascript 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 04:54:22 GMT
Content-Encoding: gzip
Via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 551046
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=604800
Connection: keep-alive
X-Amz-Cf-Id: ZPeLFijJqKMToto6fw3uxc9QlbSbw-Ia5spqbzkf1_F9WllXtwnQIA==

GET
H2 200 output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/ 29 KB
3 KB 49ms
9ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/output.e13822da2ca5.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:45 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396128
age: 676662
x-guploader-uploadid: ADPycdvyl8QLZ9SzZAeCCTiYj6elV0NHojl966nmJ5nVQob1RDDWA4bC5jilKugAYYiGYvuqGoXXuo67ooOGsRL622ujDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2528
last-modified: Tue, 26 Sep 2023 17:48:50 GMT
server: UploadServer
etag: W/"e294df1b7807772797bf8455e49389d1"
vary: Accept-Encoding
x-goog-generation: 1695750530295226
x-goog-hash: crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 29809
accept-ranges: none

GET
H2 200 output.6850cf4f0a9c.css
dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/ 88 KB
14 KB 51ms
12ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/output.6850cf4f0a9c.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 12cd1e80cd036653c94580bfe746ba9c10e13f6c008f3a6c0814c985b75a3f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:28:04 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396127
age: 667823
x-guploader-uploadid: ADPycdtQ05OLO387Nul1aKfLUZv93LLA1umQiEpfE-tN3M0DboP_KJ1GCR2DfcxCWA4uTTwch9rCYfnmxfnGqSjlw9HXizqRuelt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14297
last-modified: Tue, 26 Sep 2023 17:48:47 GMT
server: UploadServer
etag: W/"ed0b12d75eef18d5e615c9b5aa7aba2f"
vary: Accept-Encoding
x-goog-generation: 1695750527886547
x-goog-hash: crc32c=bK3n8A==, md5=7QsS117vGNXmFcm1qnq6Lw==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 89759
accept-ranges: none

GET
H2 200 output.cbd2c33d3d93.css
dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/ 60 KB
7 KB 50ms
10ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/output.cbd2c33d3d93.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 185d375430b6e97b951c7f5c877dfc0eb1f0fab1cc29b5505a05d50cc92df3ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 22:11:54 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396127
age: 661593
x-guploader-uploadid: ADPycduZfiSUo7BpxyAWOXZepBGuCOORh7Pl_Lt-ZV-HoXECr7Ahjq97XZpse7IfQz_Fl_eIQ3C-QDJ_n1NJCJENCbSuEQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6929
last-modified: Tue, 26 Sep 2023 17:48:49 GMT
server: UploadServer
etag: W/"b3c2c4f1c6e337f34b224a10703bc437"
vary: Accept-Encoding
x-goog-generation: 1695750529888562
x-goog-hash: crc32c=py8ieA==, md5=s8LE8cbjN/NLIkoQcDvENw==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 61307
accept-ranges: none

GET
H2 200 output.d999a01a6ed8.css
dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/ 2 KB
866 B 55ms
16ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/css/output.d999a01a6ed8.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d999a01a6ed8eaf5a860ddd16b87035985b878d93a2d556d2bd39358c1b4c9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:35:16 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396127
age: 670991
x-guploader-uploadid: ADPycdum9uiiPlQVVJ1nsSFyIua6sagmlq-HVNn2-NVJK64p9JJsoQ_st8raSfbX85SOgr5Am0s5WurDbnxeXBLNIyJnguwYN94B
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 624
last-modified: Tue, 26 Sep 2023 17:48:50 GMT
server: UploadServer
etag: W/"30308e64798ce863bbcd56d9b6a85a4a"
vary: Accept-Encoding
x-goog-generation: 1695750530175060
x-goog-hash: crc32c=bcs+/g==, md5=MDCOZHmM6GO7zVbZtqhaSg==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 2360
accept-ranges: none

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 786ms
127ms Script
application/javascript 2606:4700:e6::ac40:cf09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W4G1ZMQH7AAVN1CJ
age: 5480
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QCmKRWeKbz8dtKqkoJyoGdTMzVtn0oOwGWnhnfCzByAfa7SJyxr0Q20HrnzY8ptzHkfZeQjYxqY=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEvE7Gb6GUZKFD86IrvSPqiOIbUDcuVa9M%2B71Vmz88zqNnQAfvgoL0Wqh1oUHel4uZhCq7lAtnC3DHAQfMoYrJzZ6TSCE6RBIEHAJ1h2C35kM5717i3hMr1B1%2F01oJNefBXW01FuU5tfD%2F6ncac%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 810df09c0908224c-ORD

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 98 KB
33 KB 42ms
8ms Script
application/javascript 18.66.112.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:53:39 GMT
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 21:44:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 289
x-amz-server-side-encryption: AES256
etag: W/"edee28fbd3a5c9f3c17e0333554b5646"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: wCE7ktm_yx1VbCOGiohFarHI5dQj_RbuWAIGU2W5myfVl3_9g1SLOA==

GET
H2 200 fem.js Show response
fem.gprod.postmedia.digital/v87.0/ 350 KB
99 KB 63ms
6ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v87.0/fem.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ce8f125006c94a87bf10542b776d7bcbc6c7894c12ddf5faaf9fd3358212771

Request headers

Referer
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:03:56 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1693939489
age: 1796071
x-guploader-uploadid: ADPycdtvX-A3ZqmqE814p95JLgsa38PEaFd5eHu-g7eIqvHpE-g7IVTDDpNYqGHSdoDUndYjsqopniuW2rBWIaz2SibN2WslGats
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100920
last-modified: Tue, 05 Sep 2023 18:45:59 GMT
server: UploadServer
etag: W/"47163118ff4db15e0abae40c45cfd778"
vary: Accept-Encoding
x-goog-generation: 1693939559571145
x-goog-hash: crc32c=o/yyOg==, md5=RxYxGP9NsV4KuuQMRc/XeA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 358322
accept-ranges: none
content-type: application/javascript

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 48ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 467495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 49ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 346868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 13:37:19 GMT

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/js/ 204 KB
48 KB 61ms
16ms Script
text/javascript 2606:4700::6812:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/js/LoginRadiusV2.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b724128d513fe8a2abe466b9eea06f1c4ec5899f4cf302a4d1963f463caa347

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:27 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
age: 3197
x-amz-cf-pop: FRA53-C1
cf-polished: origSize=1300481
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 07:10:53 GMT
server: cloudflare
etag: W/"3ba0ce20d834b755eccbe57cb0bd74f1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 810df0981f7d0410-FRA
x-amz-cf-id: PeHJcltxXOhgtfADKEnvWM3KrcODWXBTX8_oS0mL83zZELyqXPeYdg==
expires: Wed, 04 Oct 2023 17:58:27 GMT

GET
H2 200 shared.d9d487298e7d.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/ 20 KB
8 KB 13ms
10ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/shared.d9d487298e7d.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 13d3af53ed9afb6de4eb54fd4ee6d4acf480dc45779dd556922cddc9c9408a4a

Request headers

Referer: https://o.canada.com/
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:45 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396127
age: 676662
x-guploader-uploadid: ADPycduwJhcRzRE9prlC5Bmtf9teAVe1WHse_jFPJTfJ_BCt-jrFWEpmcGi8bD20zrEVWSIqPhc2uXsM0ukfWrK3xeXwCRuJxfpu
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7502
last-modified: Tue, 26 Sep 2023 17:48:51 GMT
server: UploadServer
etag: W/"3d115b84ca4508c5f6f5f749404e77dc"
vary: Accept-Encoding
x-goog-generation: 1695750531085869
x-goog-hash: crc32c=5JlWWQ==, md5=PRFbhMpFCMX29fdJQE533A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 20818
accept-ranges: none
content-type: application/javascript

GET
H2 200 main.c2501ce718f0.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/ 133 KB
45 KB 12ms
8ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/main.c2501ce718f0.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c2501ce718f0e18a8558f3820e2740a56298e9943b0f417fbcf3f0681e42151a

Request headers

Referer: https://o.canada.com/
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:45 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396127
age: 676662
x-guploader-uploadid: ADPycdsFKFbtdw1WNiGVn7bOiOc8u-Nf3jBACrJ8udb5pP2iz93ngTdBf-Ei5Z2zc5HjWzJK9vxBPIqtwAWCFvPWC_lj2YgALoHr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46192
last-modified: Tue, 26 Sep 2023 17:48:51 GMT
server: UploadServer
etag: W/"7a42a79bdc3c4282bff44595477eb687"
vary: Accept-Encoding
x-goog-generation: 1695750531032499
x-goog-hash: crc32c=0YdGPg==, md5=ekKnm9w8QoK/9EWVR362hw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 135910
accept-ranges: none
content-type: application/javascript

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 40ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 73007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 17:41:40 GMT

GET
H2 200 postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/14.5.3/websites/images/ 3 KB
3 KB 15ms
10ms Image
application/octet-stream 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/images/postmedia-image-fallback.webp
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:08:35 GMT
x-goog-meta-goog-reserved-file-mtime: 1695396125
age: 676192
x-guploader-uploadid: ADPycdsTGMky3KcqjmDLs005n6tS3DiGTqhLJJQDFgO0jzN1iB6HDH69OCG5GLDpmXwuzzD49HI8FN2xThywIbq2HD3fzbdi6l2A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2934
last-modified: Tue, 26 Sep 2023 17:49:23 GMT
server: UploadServer
etag: "496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation: 1695750563171940
x-goog-hash: crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin: *
content-type: application/octet-stream
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 2934
accept-ranges: bytes

GET
H2 200 icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/ 775 B
1 KB 20ms
15ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/icon-soc-fb.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:03 GMT
x-goog-meta-goog-reserved-file-mtime: 1695396126
age: 676704
x-guploader-uploadid: ADPycdv7uTMZRyFo2zvfANcvk2YtU-VjmfpApT3PMYRgTSnOm2PXZ5aGfILCsbSroj6TixTn9l2A_vNFRzWYdFk1kNJWvhO13pNa
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 775
last-modified: Tue, 26 Sep 2023 17:49:23 GMT
server: UploadServer
etag: "993353c51244defcc16154eac23ff88d"
x-goog-generation: 1695750563420116
x-goog-hash: crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 775
accept-ranges: bytes

GET
H2 200 icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/ 2 KB
1 KB 18ms
13ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/icon-soc-tw.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:04:35 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396126
age: 676432
x-guploader-uploadid: ADPycdu7hF1fRGLGHzeiF56s7sIwzU5EJ-rCTXusrRt_aCJhD88KpmFg7XFj53dJ-sSdy8cKd4LKQ9hWl83IE4hWfIo-aQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 806
last-modified: Tue, 26 Sep 2023 17:49:23 GMT
server: UploadServer
etag: W/"df82c342c1176b84253c53e6e10eed05"
vary: Accept-Encoding
x-goog-generation: 1695750563617769
x-goog-hash: crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 1698
accept-ranges: none

GET
H2 200 icon-soc-yt.svg
dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/ 744 B
983 B 19ms
14ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/icon-soc-yt.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:01:08 GMT
x-goog-meta-goog-reserved-file-mtime: 1695396126
age: 676639
x-guploader-uploadid: ADPycduhtYam6Xuqy2lWt0kuE30lAyKYFk2V4vBxDWYoiu5FkgB1sj64Xbb3HIY__y4_9FZdFKGhZa4t3PMWBXS-r0OD5g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 744
last-modified: Tue, 26 Sep 2023 17:49:23 GMT
server: UploadServer
etag: "c7b3b346ada043e6e241bca3e7f698d0"
x-goog-generation: 1695750563538443
x-goog-hash: crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 744
accept-ranges: bytes

GET
H2 200 icon-soc-ig.svg
dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/ 2 KB
961 B 20ms
16ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/images/share-icons/icon-soc-ig.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:01:08 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396126
age: 676639
x-guploader-uploadid: ADPycdsyVGjg0pf7luBbtJ9ab-N45mPPyJwOAG-Tl0iZ2M8o6X4t3fsw285x7S3nfS6VhQWAuJeeZ0hcUlWlKBS4hDMTsQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
last-modified: Tue, 26 Sep 2023 17:49:23 GMT
server: UploadServer
etag: W/"cf38c08bd0b7e49f4550f048b7c4e2cf"
vary: Accept-Encoding
x-goog-generation: 1695750563425761
x-goog-hash: crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 1898
accept-ranges: none

GET
H2 200 23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Show response
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 467 KB
135 KB 75ms
40ms Script
application/javascript 2606:4700:4400::ac40:9256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fabb8c784dc8558a67b341a5643051f06c66b28e5adcf1985ce54a2983500f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:27 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 23dc09d6-b664-425a-a76e-0eed6a6cc102
age: 0
x-guploader-uploadid: ADPycduHR_JsFDnmRjC98N0A0O8fRo-EDDKz5A_iClb2WyL6OFyKRJVXtq8bgLpYzOuX3ZpNstHPat91C0eug8JbbTSREg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Tue, 03 Oct 2023 16:38:54 GMT
server: cloudflare
etag: W/"5873bfc17852da11738553c351db7efd"
vary: Accept-Encoding
x-goog-generation: 1696351134177061
content-type: application/javascript
x-goog-hash: crc32c=ZsfQaQ==, md5=WHO/wXhS2hFzhVPDUdt+/Q==
cache-control: public, max-age=900
x-goog-stored-content-length: 139652
timing-allow-origin: *
cf-ray: 810df098bc5e9261-FRA
expires: Wed, 04 Oct 2023 14:13:27 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 413 KB
131 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11471
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133452
x-xss-protection: 0
server: cafe
etag: 5291400228273913750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 03 Oct 2024 10:47:16 GMT

GET
H2 200 3528 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
769 B 57ms
7ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3528
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 39f38410c55909990198bec4def77bd2348d9a27a6cb0de629109b690726290e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:26:35 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1913
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: NadxOKpYMw07F2bDpp1xf8o2ndHkuGJ5aq5b3KJ79RnlcM6oAF-iTw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 353 B
707 B 9ms
7ms XHR
application/json 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:40:29 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 8277
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://o.canada.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 353
x-amz-cf-id: z1w5-DQCNZEG8oszQzu5L2S46NlTcsG7euUFR3PeieC7X3xFg2zvsg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 35ms
7ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Wed, 04 Oct 2023 06:15:52 GMT
x-amz-cf-pop: FRA56-P3
age: 27757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: x_i2l1azk7KAQWnh9swX_2X08IlhmXpghZMkuGETwO3o2FWnY3M7dQ==

GET
H3 200 xd.html Show response
fem.gprod.postmedia.digital/v87.0/ Frame F432 165 B
194 B 18ms
17ms Document
text/html 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v87.0/xd.html
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0415a52758bdf98ee20e9d66dc46ca4242ae73173f6f21a3ffd7081de24d8095

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1796490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31622400
content-length: 165
content-type: text/html
date: Wed, 13 Sep 2023 18:56:58 GMT
etag: "82625060de91f7dd5dd49ad9e66b75d9"
last-modified: Tue, 05 Sep 2023 18:46:01 GMT
server: UploadServer
x-cache-hit: hit
x-goog-generation: 1693939561003050
x-goog-hash: crc32c=pDeGDg== md5=gmJQYN6R991d1JrZ5mt12Q==
x-goog-meta-goog-reserved-file-mtime: 1693939489
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 165
x-guploader-uploadid: ADPycdvO-6kiTE82GBnQcYFJ4wOaWkHc76b9ZoTQSJv6GpFvep2wuCEGvfcdCsW97XT_37wwA477Kwq3vmZrOe08oXIdLQ

GET
H3 200 6684754e93d96dad9937.js Show response
fem.gprod.postmedia.digital/v87.0/chunks/ 3 KB
1 KB 18ms
17ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v87.0/chunks/6684754e93d96dad9937.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d314da1c0fe98b9d700b0ea14785acd14ad4d09e989e39c8b3422c1f91db98ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:56:58 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1693939489
age: 1796490
x-guploader-uploadid: ADPycdtBpNQbPbeKFMw4Vs2o5djBPxmAiv7-7ptJjdWlpHK6yAH3ZeP83P6RsGDS7rUNYooluSFtH1B_-DmXuvfuIVdbuQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
last-modified: Tue, 05 Sep 2023 18:45:58 GMT
server: UploadServer
etag: W/"bd3d37a8cf8e04887f4a3ee2dc03dde4"
vary: Accept-Encoding
x-goog-generation: 1693939558429534
x-goog-hash: crc32c=E9ySAQ==, md5=vT03qM+OBIh/Sj7i3APd5A==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 3197
accept-ranges: none

GET
H3 200 549d21599267e48aeee43.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/websites/js/ 11 KB
4 KB 10ms
8ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/js/549d21599267e48aeee43.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/shared.d9d487298e7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1878705aec86baf73aac495488bd3b4d7b96be51f50cebf682105a8a128dd631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:02 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396122
age: 676706
x-guploader-uploadid: ADPycdvbbNHyRU74SM7kl0kkyXVJpGlZWnEdidovU1QaD5F-5gVpLUHdYzIHS8PalOhi4ts5SDBKYhGqKd1a7CaVihMKYA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3662
last-modified: Tue, 26 Sep 2023 17:49:26 GMT
server: UploadServer
etag: W/"073e06f4cf147feffc382b7119c17239"
vary: Accept-Encoding
x-goog-generation: 1695750566462063
x-goog-hash: crc32c=MNq3iw==, md5=Bz4G9M8Uf+/8OCtxGcFyOQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 11539
accept-ranges: none

GET
H3 200 db35c160545b9564077b16.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/websites/js/ 14 KB
4 KB 11ms
9ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/js/db35c160545b9564077b16.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/shared.d9d487298e7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3f1e409bdcf5920c4899c37c39e7b3fb92b60a2c1a041a16648b010e5bd439d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:02 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396122
age: 676706
x-guploader-uploadid: ADPycduBGe0D8ofsYeuHcaIU8ogOKeWuwXmfI5_MSo01cFoe38LKRCWLjJovCKJzSnmbYne6CtDp2LvhRg7wZzlWG_uzzg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4431
last-modified: Tue, 26 Sep 2023 17:49:27 GMT
server: UploadServer
etag: W/"0450506b259d7522ba0081aa72a162ee"
vary: Accept-Encoding
x-goog-generation: 1695750567582336
x-goog-hash: crc32c=9cn5PA==, md5=BFBQayWddSK6AIGqcqFi7g==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 13988
accept-ranges: none

GET
H3 200 xd.js Show response
fem.gprod.postmedia.digital/v87.0/ Frame F432 51 KB
17 KB 14ms
10ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v87.0/xd.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/xd.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7f5908113d8ad81f7365415ffe4faaed244b99f15b60bf1d8e2bcc1fbf10c9ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fem.gprod.postmedia.digital/v87.0/xd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:56:59 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1693939489
age: 1796489
x-guploader-uploadid: ADPycduqM07v4xNxi5wzZ_ijROlMNaunZWMlCP1BySTXGe8bXhWF9psKj7OSxfGAk89bdnt3yAiHc8XxzY0rIsV2KlEC7Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17097
last-modified: Tue, 05 Sep 2023 18:46:01 GMT
server: UploadServer
etag: W/"56a95d71293f7312d7cc7523b5b828ca"
vary: Accept-Encoding
x-goog-generation: 1693939561309299
x-goog-hash: crc32c=7mqkKA==, md5=VqldcSk/cxLXzHUjtbgoyg==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 51876
accept-ranges: none

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 494ms
158ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 04 Oct 2023 14:13:28 GMT

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 106ms
102ms XHR
text/plain 34.224.24.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.24.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-24-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 13:58:28 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 385ms
102ms Preflight 34.224.24.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.24.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-24-192.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 04 Oct 2023 13:58:28 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 7380f428297495c9787e0.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/websites/js/ 7 KB
3 KB 8ms
8ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/js/7380f428297495c9787e0.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/shared.d9d487298e7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:02 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396122
age: 676706
x-guploader-uploadid: ADPycdvPe6mme3Agk1FmhbcAdZJUypd9aAQeMVtn4erGdQ-QtzQ_nW1Y1pdUXRWDLDNlIFMJJF-vns2Nbrj8ReGkHc_xKg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
last-modified: Tue, 26 Sep 2023 17:49:26 GMT
server: UploadServer
etag: W/"16a345a6eb36c4391df09d45582d99e7"
vary: Accept-Encoding
x-goog-generation: 1695750566687212
x-goog-hash: crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 6981
accept-ranges: none

GET
H3 200 a3ec7ed2dfcc00ca264c23.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/websites/js/ 6 KB
2 KB 10ms
10ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/js/a3ec7ed2dfcc00ca264c23.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/shared.d9d487298e7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:02 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396123
age: 676706
x-guploader-uploadid: ADPycdspHkzlh1EMY67_V0te28G5pTPEocxZjRBnnDEqmNJEpU8Mx2UED9Lwb2x1SRnFJi39lc-d6uE2BtwDZHU7-HNpjQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2088
last-modified: Tue, 26 Sep 2023 17:49:27 GMT
server: UploadServer
etag: W/"a382b48ee1cf980223c8003d301c2f39"
vary: Accept-Encoding
x-goog-generation: 1695750567196246
x-goog-hash: crc32c=TYe94Q==, md5=o4K0juHPmAIjyAA9MBwvOQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 6047
accept-ranges: none

GET
H3 200 db937de5f271191df6744.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/websites/js/ 15 KB
4 KB 9ms
8ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/js/db937de5f271191df6744.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/shared.d9d487298e7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:02 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1695396122
age: 676706
x-guploader-uploadid: ADPycds9Ih9w8-0tR6U-eO3gCmJeP-QD6CTAutb2I3DTweLNaU9HCxDGRYLswzxz4N3atLLGUaGPU-JaHdDT0N3PuKhtIw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4393
last-modified: Tue, 26 Sep 2023 17:49:27 GMT
server: UploadServer
etag: W/"3bfbd59f97296aaf58442bbdf53f71d3"
vary: Accept-Encoding
x-goog-generation: 1695750567608552
x-goog-hash: crc32c=TWNiDw==, md5=O/vVn5cpaq9YRCu99T9x0w==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 15526
accept-ranges: none

GET
H3 200 4e8720b61d861864435e36.js Show response
dcs-static.gprod.postmedia.digital/14.5.3/websites/js/ 224 B
260 B 11ms
9ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/js/4e8720b61d861864435e36.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.5.3/CACHE/js/shared.d9d487298e7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:00:02 GMT
x-goog-meta-goog-reserved-file-mtime: 1695396122
age: 676706
x-guploader-uploadid: ADPycdtfzfoVGrBkDfOcKhLi0752oeyutXo_C-xJksRZ0OvbjwjjFJHCy1dBbnJkqLNp6vncSzDIL3AzNtw3UbcTPB4fLQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 224
last-modified: Tue, 26 Sep 2023 17:49:26 GMT
server: UploadServer
etag: "087008fa497bb67bcdf1a4c150537516"
x-goog-generation: 1695750566263908
x-goog-hash: crc32c=UBw1Fg==, md5=CHAI+kl7tnvN8aTBUFN1Fg==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 224
accept-ranges: bytes

GET pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 0
0

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
571 B 204ms
6ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:28 GMT
an-x-request-uuid: f0b9a116-afa4-4e2b-8457-06f1dd0dc0f1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://o.canada.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.73; 45.141.152.73; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
546 B 69ms
55ms Fetch
application/json 18.185.12.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-12-185.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 04 Oct 2023 13:58:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://o.canada.com
X-LoginRadius-Server: Primary - IDX - AWS
Access-Control-Allow-Credentials: true
X-Server: ms_idx_primary
Connection: keep-alive
Content-Length: 38

GET
BLOB 200
OK e0773f9e-b5eb-489e-8287-d2328c18d960
https://o.canada.com/ 181 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://o.canada.com/e0773f9e-b5eb-489e-8287-d2328c18d960
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daa431e3c066654385128d3c786b120cf2c552e5c992da790de708ccaa5b69a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

Content-Length: 185165
Content-Type

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 129ms
57ms Preflight 18.185.12.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-12-185.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://o.canada.com
Connection: keep-alive
Date: Wed, 04 Oct 2023 13:58:28 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: Primary - IDX - AWS
X-Server: ms_idx_primary

GET
BLOB 200
OK 9a931f1f-329f-4cc8-b6f4-d6dde841fd2c
https://o.canada.com/ 181 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://o.canada.com/9a931f1f-329f-4cc8-b6f4-d6dde841fd2c
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daa431e3c066654385128d3c786b120cf2c552e5c992da790de708ccaa5b69a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

Content-Length: 185165
Content-Type

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 254 B
352 B 42ms
16ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 254 B
279 B 46ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: bc78b581a2a34e0d258b316d2f5feba6e0b35c3112b275f0928306eeee037224

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214

GET
H2 200 23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin Show response
cdn.permutive.com/models/v2/ 55 KB
38 KB 55ms
22ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af96cf5d30fd619aaa4abade2ee5940ca6cca16bfe4834a8980394ec96573ac3

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: 23dc09d6-b664-425a-a76e-0eed6a6cc102
age: 0
x-guploader-uploadid: ADPycdvwN5Ky4nae-RVipwhng-vfUhNGAUyfjIxVtPQg5iBE0SFrWYCDL0qJW-Pd9sqoIvOhwuwpoZXPmxVCD21EV5mfJkHluAVu
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 38181
last-modified: Tue, 03 Oct 2023 06:02:09 GMT
server: cloudflare
etag: "09baf5b57546c79e4eb192f8023e6b27"
vary: Accept-Encoding
x-goog-generation: 1696312929727127
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=qZoCpA==, md5=Cbr1tXVGx55OsZL4Aj5rJw==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 38181
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 810df09c692691d8-FRA
expires: Wed, 04 Oct 2023 13:47:31 GMT

GET
H2 200 / Show response
o.canada.com/api-root/lists/ed9e2185-049b-49c6-be31-fde64881e0b9/expanded/ 166 KB
19 KB 164ms
163ms Fetch
text/html 34.111.249.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o.canada.com/api-root/lists/ed9e2185-049b-49c6-be31-fde64881e0b9/expanded/?format=html&name=&from=0&type=category&load_origin_urls=false&is_sponsored=false&slugs_accepted=&slugs_excluded=&replace_video=false&template_name=feed-card-list

Requested by

Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.5.3/websites/js/549d21599267e48aeee43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

109.249.111.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

827f88a42f8d33e32bd10c9731b0dc2c1daed6ab240b1c9d9bd1de0d7490769a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/aboutus/copyright.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options: nosniff
content-encoding: gzip
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via: 1.1 google
x-envoy-upstream-service-time: 64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy: strict-origin-when-cross-origin
last-modified: Wednesday, 04-Oct-2023 13:58:28 GMT
server: istio-envoy
x-pmd-backend: pmd-nginx-proxy-8499bb5fb9-l8x85
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept, X_API_KEY, Origin
content-type: text/html; charset=utf-8
allow: GET
cache-control: max-age=300,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires: Wed, 04 Oct 2023 14:02:10 GMT

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
78 B 26ms
25ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 13:58:28 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H2

201

sync
googlesync.permutive.com/v2.0/px/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979&google_tc=
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBZIFu0pAslXtOataJKMg54&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979&google_cver=1

35 B
176 B

60ms
30ms

Image
image/gif

34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBZIFu0pAslXtOataJKMg54&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979&google_cver=1
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
vary: Origin
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBZIFu0pAslXtOataJKMg54&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=f2024031-25ca-4a38-acbf-507dfe5f4979&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 841 KB
197 KB 55ms
15ms Script
application/javascript 2600:9000:223c:2600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b899150e0095155536fa60562a4074cb0431c8bbbd3102c44f7bed9dd5906d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-amz-version-id: Xh8KjpNYnB.AwhGbaPZGWWDihGce.9P.
content-encoding: br
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
date: Wed, 04 Oct 2023 13:57:26 GMT
x-amz-cf-pop: FRA56-P2
age: 63
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 16:41:38 GMT
server: AmazonS3
etag: W/"692e5c2944e4cb1556e3b37dfea52814"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: dWnlCrAMFFGAgWp9CdKNIGmZbMPLtW_0eft-Zd6NaOk381R4eEYw6w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
62 KB 59ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aeca04b36ba184f093a2ba1a421cd4a4457e3f3cf70de195c8cafdbb7a61f0ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63295
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 13:58:28 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 48ms
12ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:52:10 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 29241
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: VfapIBuU7jCZ8xpwzJZo2FVARkSIndBhWST4tyyw9V9L9WZ7e6ASeA==

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 295 KB
99 KB 42ms
11ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: bba351a004a2706f1c0507c6846969f89504055be31fcc6437406952d8e930db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-eddf8230115-FRA
date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 96
x-timer: S1696427909.694017,VS0,VE0
x-origin-name: fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache: HIT, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 100948
x-cache-hits: 12, 3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
50 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v87.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42e01105a70689612cc21b9ac789599f636a8219cddda2a70006594ab672a269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50490
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 13:58:28 GMT

GET
H2 200 GettyImages-1086927236-e1696360484284.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 11 KB
12 KB 116ms
12ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/GettyImages-1086927236-e1696360484284.jpg?quality=90&strip=all&w=344&type=webp&sig=pLwCKg3pps3Ma2ZpXjzsJQ
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 406a0668b943c27c7a317ef239fc8eaddb0b66cde060e1b6409121653c664559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Tue, 03 Oct 2023 21:37:51 GMT
via: 1.1 google
server: nginx/1.18.0
age: 58837
etag: "8d92390fb6442b7132122cd07b2ac247157d37cf"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-745f5c45c7-nw7m9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11664

GET
H2 200 vs-salut-vanisle-nbc-cobbsalad-credit.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/ 26 KB
26 KB 110ms
7ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/vs-salut-vanisle-nbc-cobbsalad-credit.jpg?quality=90&strip=all&w=344&type=webp&sig=0_3MN7_JRbZiQGgm66OTrw
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: ad4078f1ff1a4e083a0df685db2cce18620d0835de40400933683235400f6966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-pmd-smartcdn-requester: vancouversun
date: Tue, 03 Oct 2023 19:05:31 GMT
via: 1.1 google
server: nginx/1.18.0
age: 67977
etag: "29aedb14ee2e4d2a073b0d8160bbc29ec7f141d7"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-745f5c45c7-qm8nd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26214

GET
H2 200 1004-salut-5-finds-fable.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/ 18 KB
18 KB 121ms
17ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/1004-salut-5-finds-fable.jpg?quality=90&strip=all&w=344&type=webp&sig=X_u8UciNMThY5mzowDHz6g
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: e4f66624f34a04ebe6d21b0f6dee9afd8313cd36325b05cc78a8132eb8917a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-pmd-smartcdn-requester: vancouversun
date: Tue, 03 Oct 2023 18:05:57 GMT
via: 1.1 google
server: nginx/1.18.0
age: 71551
etag: "18f27f5881d75d2859bada3aaf2382e447ecac38"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-745f5c45c7-hjt22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18450

GET
H2 200 png-0521.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/ 28 KB
28 KB 117ms
14ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/png-0521.jpg?quality=90&strip=all&w=344&type=webp&sig=qZNfrDEH6_pXnslItb8BkA
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 1f392629c11e406956d38421a6e5e60e45d294fcdabe7644c31148b4382e3e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-pmd-smartcdn-requester: vancouversun
date: Tue, 03 Oct 2023 18:08:30 GMT
via: 1.1 google
server: nginx/1.18.0
age: 71398
etag: "0057716a434f83d81970517106e795b2e9439f9c"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-745f5c45c7-x8zht
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28414

GET
H2 200 1007-it-list.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/ 9 KB
9 KB 120ms
17ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/09/1007-it-list.jpg?quality=90&strip=all&w=344&type=webp&sig=96b0YXcffRFbfbxCU1Pe7Q
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: ccbaec277b4817b4d510e4733626c8081893989732656cbabc44414a68203e86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-pmd-smartcdn-requester: vancouversun
date: Tue, 03 Oct 2023 18:05:57 GMT
via: 1.1 google
server: nginx/1.18.0
age: 71551
etag: "0d7d96e8d74eb9847a208b73e5c621bd664db1c2"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-745f5c45c7-hjt22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9034

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 133ms
1ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 679
date: Wed, 04 Oct 2023 13:58:28 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 254
x-fastly-trace-id: 2179147990
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra-eddf8230094-FRA
x-timer: S1696427909.928790,VS0,VE0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
66 KB 91ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7226a39307a576c47b10a571f36809147ef122367ac86cdc368b9f45aa69cd32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67937
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 13:58:28 GMT

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
316 B 127ms
121ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

827d792aa02db71c87cbc8e6160466bfbcd45658a8f40a6f6793c6d15a544252

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-fra-eddf8230094-FRA
date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=900
server: Kestrel
x-timer: S1696427909.956537,VS0,VE105
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
x-fastly-trace-id: 2179148273
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 79ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e02f2e0a709ce621c8ed15e9ee2c93f7b8f67f167da706d822073e6bee28d427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44529
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 13:58:28 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 310 KB
92 KB 108ms
56ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a063b4b5cfeb48ca4ab775e2dc55ef3c8d49413d666c955053f9ae5d6bb49ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94374
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 13:58:28 GMT

POST
H2 200 v2 Show response
api.viafoura.co/v2/o.canada.com/bootstrap/ 7 KB
3 KB 305ms
109ms XHR
application/json 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e474bad6bd6dc72518a76d3886832049a49e4acb7af688a28f11cf248a5b7d79

Request headers

Accept: application/json, text/plain, */*
Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

x-instance-id: i-0e2a51df8ace958c6
pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://o.canada.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Wed, 04 Oct 2023 13:58:29 GMT

OPTIONS
H2 204 v2
api.viafoura.co/v2/o.canada.com/bootstrap/ Frame 0
0 307ms
94ms Preflight 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin: https://o.canada.com
access-control-max-age: 1728000
cache-control: max-age=0
date: Wed, 04 Oct 2023 13:58:29 GMT
expires: Wed, 04 Oct 2023 13:58:29 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 14648-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 81 KB
7 KB 706ms
279ms XHR
application/json 23.212.211.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-211-47.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 8b167fdc846138cdac8e06e187aa459314403ddbe803e6781bd7b0cfde342dd7

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 13:40:40 GMT
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6531

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 59ms
20ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231004

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478bf656d14a54eb37d140e2ab2035b97d3f48e9eeeae540661f1a0f4c44bfca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35856
x-jsd-version: 1.0.1832
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4562-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-bAvnhruO8FNgjanV9h+ubvs0+Zo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmqQnSrpL%2FgOSV4Z4bXq62ENnw8SQuePSbm3sXY7oHjPYyUAUK4aJ67cyEQY9Z1L0RHAtx235Mzebs%2Bq4kU6r7RCxuf7CCMpo26hoE%2FlgThKpq8R8H%2FoXOBfhbO1h4AIq%2Fu%2FA410VuuL%2BRr5cPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 810df0a01bdd0418-FRA

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 0
201 B 42ms
12ms XHR
text/plain 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-fra-eddf8230098-FRA
date: Wed, 04 Oct 2023 13:58:29 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1696427909.224154,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
128 B 19ms
19ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8848fcd2141c15acb16fee29c30a3fc87672ee5dea88989fda71acb419644608

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
72 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34dafd8d617999fa8dad4910a36ddf0a192737269e4fb30185f1f0c029e15ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74092
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 13:58:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 526
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 04 Oct 2023 15:49:43 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 124 KB
34 KB 952ms
524ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a11f61f35ac9dcc999bafd9e01244ecb85abc84cab10a1da61c30cc969aa896

Request headers

Referer: https://o.canada.com/
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-response-time: 4ms
date: Wed, 04 Oct 2023 13:58:30 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 04 Oct 2023 13:02:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 8
accept-ranges: bytes
cf-ray: 810df0a4081a6420-SJC
alt-svc: h3=":443"; ma=86400
content-length: 34812

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 34ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 13:58:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: S/K/JZPtlNCFWEpHwB4KU/ERY4/QFHH3475qhvUN/tpwcpGtkwWDnBKiXTx3bDyeRD+hVVB7nAEot9HSvJLLnA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 33 KB
11 KB 56ms
9ms Script
text/javascript 65.9.66.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-74.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-amz-version-id: XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
date: Wed, 04 Oct 2023 05:58:18 GMT
last-modified: Thu, 24 Aug 2023 11:20:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 28812
x-amz-server-side-encryption: AES256
etag: W/"10ba0dba424c8954df3533bfd881e874"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: hzxjonKHupA2DgeoR0-iTD8WZ7He0bn_5z95zlbc6MFiqbyYqATXXA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 35ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0f0de8034c483f43c368ae4cf3216e2ccc1757a52fe44dd52c5c7d6cff9dca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90450
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 04 Oct 2023 13:58:29 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/o.canada.com/ 58 KB
21 KB 50ms
7ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/o.canada.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c84c250a291d9bd5fc9fc93c82527fd53cf746d76c0479ecc7d9b7eecbdd0104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Oct 2023 13:47:37 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 13:34:56 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 947
etag: W/"651c1880-e647"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: gUVlVSCMIsitmFoPhukY0kJMRUdOJoN0J2xHYDCXA2C1wzUaZelEnw==
expires: Thu, 05 Oct 2023 13:42:42 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 16ms
8ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1696427909267&ns_c=UTF-8&c8=Canada.Com&c7=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&c9=
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: J9Jqn8XUMzWte90RrmAiiNQSbtByqojtQgBZBK8oqhSnv4PMU7OK0g==
x-cache: Miss from cloudfront

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 11ms
5ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 679
date: Wed, 04 Oct 2023 13:58:29 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 255
x-fastly-trace-id: 2179151982
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra-eddf8230094-FRA
x-timer: S1696427909.295240,VS0,VE0

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
248 B 125ms
116ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fe5c0b5fa79cd7ef2bb04073ef5f84275f7419e4ae2b2e20f86e4f4346117963

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-fra-eddf8230094-FRA
date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=900
server: Kestrel
x-timer: S1696427909.317150,VS0,VE111
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
x-fastly-trace-id: 2179152190
accept-ranges: bytes
x-cache-hits: 0

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 41ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 55977256573d55d33c904a7032495bd94f6a5f1cff07ceb0d195868501cc0613

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 0
58 B 9ms
8ms XHR
text/plain 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-fra-eddf8230098-FRA
date: Wed, 04 Oct 2023 13:58:29 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1696427909.336131,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/f2024031-25ca-4a38-acbf-507dfe5f4979/ 12 B
25 B 101ms
100ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/f2024031-25ca-4a38-acbf-507dfe5f4979/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 13:58:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
970 B 134ms
7ms Fetch
application/json 18.66.112.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-48.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 12:10:10 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront), 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2, FRA56-P5
age: 6499
x-amzn-requestid: 5a17de15-56bc-4730-a58f-18837ddd041c
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: MRplfHs_iYcFqiQ=
content-length: 555
x-amz-cf-id: 7FBucFv1XZJ6T9Ibl_TGAOvWegJ8RQHSrX0_PL37_ROKCTguN70DfA==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 22 KB
7 KB 54ms
8ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-amz-version-id: bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding: gzip
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
date: Wed, 04 Oct 2023 04:13:32 GMT
last-modified: Tue, 13 Jun 2023 14:58:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 36269
x-amz-server-side-encryption: AES256
etag: W/"565eb88b90415391668a5cb7cfb4557a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Wk1Q4bSh9H7DdJ4J8uBkp-pVM0BGOpOJAJ-pHj1YC_sOFmT3SrAx5w==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 15ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=359474334&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&ul=en-us&de=UTF-8&dt=Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAACAEK~&jid=1041994623&gjid=1959698367&cid=1283823978.1696427909&tid=UA-213173459-10&_gid=383986294.1696427909&_r=1&_slc=1&gtm=45He3a20n81P3Q4QHW&cd2=2023-10-04T15%3A58%3A29.258%2B02%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=14.5.3&cd26=v87.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd52=index&cd65=false&cd1=1283823978.1696427909&z=815534357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 15ms
15ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

292942b7ea009b33947befcd41c1fc5d794deb1be3537385af9913c4eff98458

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 9ms
8ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=359474334&t=event&ni=1&_s=1&dl=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&ul=en-us&de=UTF-8&dt=Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=error&ea=404%20Error&el=&_u=YGDACAABBAAAACAEK~&jid=&gjid=&cid=1283823978.1696427909&tid=UA-213173459-10&_gid=383986294.1696427909&gtm=45He3a20n81P3Q4QHW&cd2=2023-10-04T15%3A58%3A29.350%2B02%3A00&cd3=A23850D5-174A-48A3-3EEA-DA21C1D585EE&cd4=2345902473060660936&cd5=2345902473060660936&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=14.5.3&cd26=v87.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd52=index&cd65=false&cd1=1283823978.1696427909&z=1463003645

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 08:42:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 241ms
33ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1696427909423&plid=4ba6c4af-b8c0-4c1d-a116-1f2a4d4f522e&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&sref=&sts=1696427909419&slts=0&title=Canada.Com&date=Wed+Oct+04+2023+15%3A58%3A29+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=69b3cacf-d35c-4f42-92ba-6e4bed5f8eda&u=pid%3Deb694505-e4b5-47fe-846a-95078198de16
Requested by: Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 13:58:29 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 04-Oct-2023 13:58:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 41 B
156 B 38ms
11ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 7816e9d82b9ccb1051d02ece468029fcd4664a02b4046ca0ae31baab608c9739

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-fra-eddf8230098-FRA
date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
via: 1.1 varnish
server: Kestrel
x-timer: S1696427909.497781,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 1685973801652415 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1685973801652415?v=2.9.132&r=stable&domain=o.canada.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab91872bc8238e9209c8a8ef861e289258f3f8a5331612819edd9836e5cedc94

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 13:58:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: LuWULLgPozXNcQ65d+Tfk+d3DTNpo++rtRWKgcIjhwdRDVMtJftfXtAmmFrUMYG/sXg/STRmlq5yB6bV75WeuQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 98ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je3a20&_p=359474334&_gaz=1&cid=1283823978.1696427909&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&dr=&sid=1696427909&sct=1&seg=0&dt=Canada.Com&en=error&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=14.5.3&ep.fem_version=v87.0&ep.brand=canada.com&ep.timestamp=2023-10-04T15%3A58%3A29.252%2B02%3A00&ep.error_type=404%20Error
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 102ms
21ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CBS6P3K53Q&cid=1283823978.1696427909&gtm=45je3a20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 112ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CBS6P3K53Q&cid=1283823978.1696427909&gtm=45je3a20&aip=1&z=1289846560

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 81ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-10&cid=1283823978.1696427909&jid=1041994623&gjid=1959698367&_gid=383986294.1696427909&_u=YGBACAAABAAAACAEK~&z=1172744734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Oct 2023 13:58:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 57ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4PRPPJ1J9V&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33afb3d5bd5356e8e997a3a5115615a08ced0f97f8c4cee8585f3c9372704bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 04 Oct 2023 13:58:29 GMT

GET
H2 200 thirdpartycookie Show response
api.viafoura.co/v2/o.canada.com/ 45 B
645 B 143ms
98ms XHR
application/json 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/o.canada.com/thirdpartycookie?section=
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4851:ed4a:95ad:bc00:3746 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept: application/json, text/plain, */*
Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

x-instance-id: i-0ce8e4c101d27c022
pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://o.canada.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Wed, 04 Oct 2023 13:58:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&rl=&if=false&ts=1696427909731&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696427909725.1364761659&cs_est=true&ler=empty&it=1696427909499&coo=false&exp=a0&rqm=GET

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Oct 2023 13:58:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 52ms
52ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 13:58:29 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 55ms
32ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-10&cid=1283823978.1696427909&jid=1041994623&_u=YGBACAAABAAAACAEK~&z=746229562

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-10&cid=1283823978.1696427909&jid=1041994623&_u=YGBACAAABAAAACAEK~&z=746229562

Requested by

Host: o.canada.com
URL: https://o.canada.com/aboutus/copyright.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4PRPPJ1J9V&gtm=45je3a20&_p=359474334&ul=en-us&sr=1600x1200&cid=1283823978.1696427909&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fo.canada.com%2Faboutus%2Fcopyright.html&dt=Canada.Com&sid=1696427909&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PRPPJ1J9V&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 13:58:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 intl-messageformat.84a823b8bd9224ddc715.js Show response
cdn.viafoura.net/chunks/defaultVendors~languages/ 17 KB
5 KB 10ms
6ms Script
application/javascript 2600:9000:223c:2600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.84a823b8bd9224ddc715.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bedbd59d61334306ac0910e0d314aadda1ff71289f506a26ad2846a395b1021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:41:51 GMT
x-amz-version-id: oN.3Y79im0oZRpDRKGd8pHRgQGzIcHr6
content-encoding: br
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 76599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 16:41:05 GMT
server: AmazonS3
etag: W/"75ed0529677404bc5b1cab178c4e0b8d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: 4iaFaTNHb--ZTgsP3HlmHZRcwmtlxzUSHJY2ifs5-LmUy9zG_h00lg==

GET
H2 200 intl-messageformat.1a1cdfc05ff7935c9501.js Show response
cdn.viafoura.net/chunks/languages/ 135 B
614 B 10ms
7ms Script
application/javascript 2600:9000:223c:2600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/intl-messageformat.1a1cdfc05ff7935c9501.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fab3a5b45c07012708c6ad1649345d90396f7be12a822c5bb68f2ecb88d429bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:41:51 GMT
x-amz-version-id: NWxYSiuc6jPleTBpiRw4dVosl.gVGQFX
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 76599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 135
last-modified: Tue, 03 Oct 2023 16:41:12 GMT
server: AmazonS3
etag: "ab246a0b09ca785a5a04858030afba86"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Y587Zmmguqh4U0a7uE3z9tkwexjvw3n069KTHAK2wgSrpnHuGQrYgA==

GET
H2 200 en-us-base-json.3ade99cd7fac103771a0.js Show response
cdn.viafoura.net/chunks/languages/ 19 KB
5 KB 11ms
8ms Script
application/javascript 2600:9000:223c:2600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-base-json.3ade99cd7fac103771a0.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b98a09f916713f08b8adc1edc21040480d9f5e305afa0256cfd41b3408ce254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:41:51 GMT
x-amz-version-id: ocybXsPrlKpK5Bp_HxSt4TELgVmSgS67
content-encoding: br
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 76599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 16:41:07 GMT
server: AmazonS3
etag: W/"8b5fb8045a9471f6844ff5ecb5d7bc34"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: PZNWVmZsIP3604hl1apZg8UGmGvw5GM_JKccXHZ7Ca7fwbNzDlpxJA==

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/ 204 KB
48 KB 17ms
16ms Script
text/javascript 2606:4700::6812:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/LoginRadiusV2.js

Requested by

Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b724128d513fe8a2abe466b9eea06f1c4ec5899f4cf302a4d1963f463caa347

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:29 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
age: 4179
x-amz-cf-pop: FRA53-C1
cf-polished: origSize=1300481
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 07:10:52 GMT
server: cloudflare
etag: W/"3ba0ce20d834b755eccbe57cb0bd74f1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 810df0a49a3a0410-FRA
x-amz-cf-id: rtrItgAOcTIQIx8lTzZn7FUJBG5_Sy-N33dczfW-spuHSpmTkHOaaA==
expires: Wed, 04 Oct 2023 17:58:29 GMT

POST
H2 200 ingest
i.viafoura.co/v3/o.canada.com/ 67 B
389 B 383ms
84ms Ping
image/png 18.212.0.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.viafoura.co/v3/o.canada.com/ingest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.212.0.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-212-0-191.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://o.canada.com
date: Wed, 04 Oct 2023 13:58:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 svod-module-js.2fc24139f286f77a7cf0.js Show response
cdn.viafoura.net/chunks/vuex_store/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2600:9000:223c:2600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.2fc24139f286f77a7cf0.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 867de55358f9c11aff0ff53c7be9b04c76d73df7d85131602a38b5d1d6e42f06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:41:52 GMT
x-amz-version-id: x23b4XXEF_8elYk6fgDQWgqTKCLmK2og
content-encoding: br
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 76598
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 16:41:18 GMT
server: AmazonS3
etag: W/"b42a0ba74e3c038f903840a0b0630ce5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: IsBAK704Tp7Y2uKs4SMbeffA79ae7UpAgOjNJFGdM0Jk-VYTw1WvXQ==

GET
H2 200 appInfo Show response
config.lrcontent.com/ciam/ 4 KB
2 KB 46ms
36ms XHR
application/json 2606:4700::6812:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by: Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a01c922d8b974da72077cc01adece17206e7d8c254cbe0f87720e2a1aaddf8

Request headers

Referer: https://o.canada.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://o.canada.com
cache-control: max-age=86400
cf-ray: 810df0a5ae788ffe-FRA

OPTIONS
H2 204 appInfo
config.lrcontent.com/ciam/ Frame 0
0 95ms
59ms Preflight 2606:4700::6812:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://o.canada.com
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 810df0a51e0e8ffe-FRA
date: Wed, 04 Oct 2023 13:58:29 GMT
server: cloudflare
vary: Origin

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
546 B 74ms
59ms XHR
application/json 18.185.12.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-12-185.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://o.canada.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 13:58:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://o.canada.com
X-LoginRadius-Server: Primary - IDX - AWS
Access-Control-Allow-Credentials: true
X-Server: ms_idx_primary
Connection: keep-alive
Content-Length: 38

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 72ms
52ms Preflight 18.185.12.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-12-185.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://o.canada.com
Connection: keep-alive
Date: Wed, 04 Oct 2023 13:58:30 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: Primary - IDX - AWS
X-Server: ms_idx_primary

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 50 B
848 B 68ms
13ms XHR
application/json 162.55.144.217
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.144.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 04 Oct 2023 13:58:30 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 66

GET
H2 200 1161e9040817e1f5e226.js Show response
sdk.mrf.io/statics/ 45 KB
11 KB 370ms
369ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/1161e9040817e1f5e226.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b5bb381b1f7114acabe35b456b08cf2e759ed65f20753603703a49acbceece

Request headers

Referer: https://o.canada.com/
Origin: https://o.canada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:58:30 GMT
content-encoding: gzip
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 132
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Sep 2023 08:11:30 GMT
server: cloudflare
etag: W/"94a30c044d71479e4564be9d1c0bb0b3"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 810df0a79b716420-SJC
x-amz-cf-id: 7DDuCE8Y_j7VefXYcJzwkQKiLI7JEF2x-eMMZcCd6sLmVpGITul0iA==

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
776 B 25ms
22ms Ping
application/json 162.55.144.217
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.144.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://o.canada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 04 Oct 2023 13:58:30 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/10276888/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
382 B

8ms
8ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.38 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 06:08:23 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 37476
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 8gL1lyxdAShWU4KY0dm35bo8tkuFDs2SBd303Yj3wZSj052WzmItDg==

Redirect headers

date: Wed, 04 Oct 2023 13:58:30 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: g43SapyWzjMysxReIPS6TPluf6_IqAQT_RV6bF_8ZYYh1TPPj0ENYA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.canada.com/	1970-01-20 19:37:19	Name: permutive-id Value: f2024031-25ca-4a38-acbf-507dfe5f4979
o.canada.com/	1970-01-20 15:23:52	Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1696427908525,"mac":431541513}
.doubleclick.net/	1970-01-21 00:35:23	Name: IDE Value: AHWqTUnEiMuISCeZUPh1cZLhrAjqwfXMruWgrxIVUlHr3hO9TbDfZiQlUqOisZ_mCf8
o.canada.com/	1970-01-20 15:23:52	Name: x-id Value: {"data":{"adLight":false,"id":"gubfj9qg2qvz0str9834hhvbfj2rjecr","updated":1696427908658},"exp":604800000,"ts":1696427908658,"mac":527511869}
fem.gprod.postmedia.digital/	1970-01-20 15:23:52	Name: x-id Value: {"data":{"adLight":false,"id":"gubfj9qg2qvz0str9834hhvbfj2rjecr","updated":1696427908658},"exp":604800000,"ts":1696427908682,"mac":527514566}
o.canada.com/	1970-01-20 15:13:48	Name: __adblocker Value: false
o.canada.com/	1970-01-20 15:56:59	Name: _pbjs_userid_consent_data Value: 3524755945110770
.canada.com/	1970-01-20 15:56:59	Name: pbjs_sharedId Value: fdb963c4-5dd4-45ff-aa4f-356a4dce8916
.canada.com/	1970-01-20 15:15:14	Name: _gid Value: GA1.2.383986294.1696427909
.canada.com/	1970-01-20 15:13:47	Name: _gat_UA-213173459-10 Value: 1
.canada.com/	1970-01-20 15:13:47	Name: _gat_UA-138335866-21 Value: 1
.canada.com/	1970-01-20 15:13:49	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/aboutus/copyright.html%22%2C%22sref%22:%22%22%2C%22sts%22:1696427909419%2C%22slts%22:0}
.canada.com/	1970-01-21 00:43:11	Name: _parsely_visitor Value: {%22id%22:%22pid=eb694505-e4b5-47fe-846a-95078198de16%22%2C%22session_count%22:1%2C%22last_session_ts%22:1696427909419}
.canada.com/	1970-01-20 23:59:23	Name: mprtcl-v4_4662F03F Value: {'gs':{'ie':1\|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'\|'av':'1.0.0'\|'cgid':'6bb90219-d607-4e0a-df65-60f2a0e599e8'\|'das':'e778f5ac-d2ae-4b61-0be9-6a2a9f2d48fd'\|'csm':'WyIyMzQ1OTAyNDczMDYwNjYwOTM2Il0='\|'sid':'A23850D5-174A-48A3-3EEA-DA21C1D585EE'\|'les':1696427909468\|'ssd':1696427908801}\|'l':1\|'2345902473060660936':{'fst':1696427909172\|'ui':'eyIwIjoiZ3ViZmo5cWcycXZ6MHN0cjk4MzRoaHZiZmoycmplY3IifQ=='}\|'cu':'2345902473060660936'}
.viafoura.co/	1970-01-20 15:56:59	Name: VfSess Value: 3r7nuk1uonebkjorq4bpr2ciit
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
.canada.com/	1970-01-21 00:49:47	Name: _ga Value: GA1.1.1283823978.1696427909
.canada.com/	1970-01-20 17:23:23	Name: _gcl_au Value: 1.1.2127041856.1696427910
.canada.com/	1970-01-21 00:49:47	Name: _ga_CBS6P3K53Q Value: GS1.1.1696427909.1.1.1696427909.60.0.0
.canada.com/	1970-01-20 17:23:23	Name: _fbp Value: fb.1.1696427909725.1364761659
.canada.com/	1970-01-21 00:49:47	Name: _ga_4PRPPJ1J9V Value: GS1.2.1696427909.1.0.1696427909.0.0.0
o.canada.com/	1970-01-20 15:13:48	Name: _vfz Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.1696427910.1.medium=direct\|source=\|sharer_uuid=\|terms=
.canada.com/	1970-01-20 23:59:23	Name: _vfa Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.36cedc31-4a4d-4aec-b63a-2549b6e76d22.1696427910.1696427910.1696427910.1
.canada.com/	1970-01-20 15:13:49	Name: _vfb Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.2..1696427910....
.viafoura.co/	1970-01-20 23:59:23	Name: vfDeviceId Value: 4e3b1b9b-b274-41d4-ab4a-5170c36ed708
.canada.com/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1696427910%2C%22currentVisitStarted%22%3A1696427910%2C%22sessionId%22%3A%229a7988c1-0574-4e74-bab1-35318ea4e6fe%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//o.canada.com/aboutus/copyright.html%22%2C%22referrer%22%3A%22%22%7D
.canada.com/	1970-01-20 19:37:19	Name: ___nrbi Value: %7B%22firstVisit%22%3A1696427910%2C%22userId%22%3A%22cfee5dde-3671-4ecd-9c43-9e0d811a8456%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1696427910%2C%22timesVisited%22%3A1%7D
.canada.com/	1970-01-20 19:37:19	Name: compass_uid Value: cfee5dde-3671-4ecd-9c43-9e0d811a8456
events.newsroom.bi/	1970-01-20 19:32:59	Name: 1528_u Value: cfee5dde-3671-4ecd-9c43-9e0d811a8456
events.newsroom.bi/	1969-12-31 23:59:59	Name: 1528_s Value: 9a7988c1-0574-4e74-bab1-35318ea4e6fe
events.newsroom.bi/	1970-01-20 15:56:59	Name: 1528_lv Value: null
events.newsroom.bi/	1970-01-20 15:56:59	Name: 1528_ut Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://o.canada.com/aboutus/copyright.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://o.canada.com/aboutus/copyright.html Message: The resource https://ak.sail-horizon.com/spm/spm.v1.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
ads.rubiconproject.com
ak.sail-horizon.com
api.permutive.com
api.viafoura.co
auth.lrcontent.com
c.amazon-adsystem.com
cdn.adsafeprotected.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
dcs-static.gprod.postmedia.digital
events.newsroom.bi
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
link.canada.com
micro.rubiconproject.com
o.canada.com
onetag-geo.s-onetag.com
p1.parsely.com
postmedia.hub.loginradius.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
smartcdn.gprod.postmedia.digital
stats.g.doubleclick.net
www.canada.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.npttech.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
104.19.150.54
13.225.78.67
13.32.121.72
142.250.185.130
143.204.98.87
162.55.144.217
18.185.12.185
18.212.0.191
18.66.100.58
18.66.112.103
18.66.112.48
184.30.211.26
2001:4860:4802:34::36
23.212.211.47
2600:1f18:44f0:4851:ed4a:95ad:bc00:3746
2600:9000:223c:2600:8:2ae1:d740:93a1
2606:4700:3033::6815:325a
2606:4700:4400::ac40:9256
2606:4700::6810:5614
2606:4700::6812:5eb
2606:4700:e6::ac40:cf09
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::645
2a04:4e42::645
3.222.82.214
34.107.254.252
34.111.249.109
34.111.67.160
34.117.54.29
34.149.157.221
34.224.24.192
37.252.171.85
52.222.208.154
54.155.18.159
65.9.66.74
99.86.4.30
01a01c922d8b974da72077cc01adece17206e7d8c254cbe0f87720e2a1aaddf8
0415a52758bdf98ee20e9d66dc46ca4242ae73173f6f21a3ffd7081de24d8095
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1
12cd1e80cd036653c94580bfe746ba9c10e13f6c008f3a6c0814c985b75a3f5e
13d3af53ed9afb6de4eb54fd4ee6d4acf480dc45779dd556922cddc9c9408a4a
176ad5eb0be655837d8a5b01f34e37af26d2affb609918711464ee35ec20989f
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
185d375430b6e97b951c7f5c877dfc0eb1f0fab1cc29b5505a05d50cc92df3ae
1878705aec86baf73aac495488bd3b4d7b96be51f50cebf682105a8a128dd631
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b98a09f916713f08b8adc1edc21040480d9f5e305afa0256cfd41b3408ce254
1f392629c11e406956d38421a6e5e60e45d294fcdabe7644c31148b4382e3e9f
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
292942b7ea009b33947befcd41c1fc5d794deb1be3537385af9913c4eff98458
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33afb3d5bd5356e8e997a3a5115615a08ced0f97f8c4cee8585f3c9372704bd1
34dafd8d617999fa8dad4910a36ddf0a192737269e4fb30185f1f0c029e15ee4
39f38410c55909990198bec4def77bd2348d9a27a6cb0de629109b690726290e
3ce8f125006c94a87bf10542b776d7bcbc6c7894c12ddf5faaf9fd3358212771
3f1e409bdcf5920c4899c37c39e7b3fb92b60a2c1a041a16648b010e5bd439d4
406a0668b943c27c7a317ef239fc8eaddb0b66cde060e1b6409121653c664559
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
42e01105a70689612cc21b9ac789599f636a8219cddda2a70006594ab672a269
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
478bf656d14a54eb37d140e2ab2035b97d3f48e9eeeae540661f1a0f4c44bfca
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
542dd642e2f1026f243935bca3147e0bba7b68d8d783a3c82cb4f5cd5396404b
55977256573d55d33c904a7032495bd94f6a5f1cff07ceb0d195868501cc0613
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b724128d513fe8a2abe466b9eea06f1c4ec5899f4cf302a4d1963f463caa347
7226a39307a576c47b10a571f36809147ef122367ac86cdc368b9f45aa69cd32
7816e9d82b9ccb1051d02ece468029fcd4664a02b4046ca0ae31baab608c9739
7f5908113d8ad81f7365415ffe4faaed244b99f15b60bf1d8e2bcc1fbf10c9ba
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
827d792aa02db71c87cbc8e6160466bfbcd45658a8f40a6f6793c6d15a544252
827f88a42f8d33e32bd10c9731b0dc2c1daed6ab240b1c9d9bd1de0d7490769a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867de55358f9c11aff0ff53c7be9b04c76d73df7d85131602a38b5d1d6e42f06
8848fcd2141c15acb16fee29c30a3fc87672ee5dea88989fda71acb419644608
8b167fdc846138cdac8e06e187aa459314403ddbe803e6781bd7b0cfde342dd7
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
9a11f61f35ac9dcc999bafd9e01244ecb85abc84cab10a1da61c30cc969aa896
9bedbd59d61334306ac0910e0d314aadda1ff71289f506a26ad2846a395b1021
a063b4b5cfeb48ca4ab775e2dc55ef3c8d49413d666c955053f9ae5d6bb49ab2
a0dd8bd4b802182d8625c59939cb9fbb2b0f75975c0557296ca11b26bd4bb464
a0f0de8034c483f43c368ae4cf3216e2ccc1757a52fe44dd52c5c7d6cff9dca2
ab91872bc8238e9209c8a8ef861e289258f3f8a5331612819edd9836e5cedc94
ad4078f1ff1a4e083a0df685db2cce18620d0835de40400933683235400f6966
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aeca04b36ba184f093a2ba1a421cd4a4457e3f3cf70de195c8cafdbb7a61f0ed
af96cf5d30fd619aaa4abade2ee5940ca6cca16bfe4834a8980394ec96573ac3
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b5b5bb381b1f7114acabe35b456b08cf2e759ed65f20753603703a49acbceece
b899150e0095155536fa60562a4074cb0431c8bbbd3102c44f7bed9dd5906d33
bba351a004a2706f1c0507c6846969f89504055be31fcc6437406952d8e930db
bc78b581a2a34e0d258b316d2f5feba6e0b35c3112b275f0928306eeee037224
c2501ce718f0e18a8558f3820e2740a56298e9943b0f417fbcf3f0681e42151a
c84c250a291d9bd5fc9fc93c82527fd53cf746d76c0479ecc7d9b7eecbdd0104
ccbaec277b4817b4d510e4733626c8081893989732656cbabc44414a68203e86
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d314da1c0fe98b9d700b0ea14785acd14ad4d09e989e39c8b3422c1f91db98ae
d999a01a6ed8eaf5a860ddd16b87035985b878d93a2d556d2bd39358c1b4c9b5
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a
daa431e3c066654385128d3c786b120cf2c552e5c992da790de708ccaa5b69a3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e02f2e0a709ce621c8ed15e9ee2c93f7b8f67f167da706d822073e6bee28d427
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e474bad6bd6dc72518a76d3886832049a49e4acb7af688a28f11cf248a5b7d79
e4f66624f34a04ebe6d21b0f6dee9afd8313cd36325b05cc78a8132eb8917a39
e5fabb8c784dc8558a67b341a5643051f06c66b28e5adcf1985ce54a2983500f
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
fab3a5b45c07012708c6ad1649345d90396f7be12a822c5bb68f2ecb88d429bf
fe5c0b5fa79cd7ef2bb04073ef5f84275f7419e4ae2b2e20f86e4f4346117963

o.canada.com Open in urlscan Pro 34.111.249.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

96 %HTTPS

44 %IPv6

33 Domains

52 Subdomains

43 IPs

5 Countries

2302 kBTransfer

9197 kBSize

32 Cookies

16 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

o.canada.com Open in urlscan Pro
34.111.249.109 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

96 %
HTTPS

44 %
IPv6

33
Domains

52
Subdomains

43
IPs

5
Countries

2302 kB
Transfer

9197 kB
Size

32
Cookies

120 HTTP transactions
0 data transactions