urlscan.io logo urlscan.io
SecurityTrails logo

www.remic.ca Open in urlscan Pro
146.20.201.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://remic.ca/
Effective URL: https://www.remic.ca/
Submission: On September 22 via manual from CA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 4 countries across 27 domains to perform 93 HTTP transactions. The main IP is 146.20.201.190, located in United States and belongs to RACKSPACE, US. The main domain is www.remic.ca.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 2nd 2020. Valid for: a year.
This is the only time www.remic.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 146.20.201.190 27357 (RACKSPACE)
2 13.225.78.76 16509 (AMAZON-02)
11 104.18.70.113 13335 (CLOUDFLAR...)
1 4 142.250.186.130 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 142.250.186.72 15169 (GOOGLE)
1 192.0.77.2 2635 (AUTOMATTIC)
2 142.250.186.78 15169 (GOOGLE)
1 13.224.193.62 16509 (AMAZON-02)
1 45.33.56.168 63949 (LINODE-AP...)
1 13.224.193.5 16509 (AMAZON-02)
1 2.18.234.132 16625 (AKAMAI-AS)
1 23.111.9.38 33438 (HIGHWINDS2)
4 31.13.92.14 32934 (FACEBOOK)
2 74.125.71.154 15169 (GOOGLE)
4 142.250.186.35 15169 (GOOGLE)
3 13.107.21.200 8068 (MICROSOFT...)
9 172.217.16.142 15169 (GOOGLE)
2 54.146.192.246 14618 (AMAZON-AES)
2 142.250.184.234 15169 (GOOGLE)
1 13.224.193.10 16509 (AMAZON-02)
1 3.130.37.248 16509 (AMAZON-02)
4 142.250.181.228 15169 (GOOGLE)
1 2 108.174.11.69 14413 (LINKEDIN)
1 1 13.107.42.14 8068 (MICROSOFT...)
7 142.250.181.227 15169 (GOOGLE)
4 157.240.21.35 32934 (FACEBOOK)
3 104.16.53.111 13335 (CLOUDFLAR...)
1 13.225.84.24 16509 (AMAZON-02)
1 142.250.186.38 15169 (GOOGLE)
1 172.217.18.97 15169 (GOOGLE)
1 142.250.184.214 15169 (GOOGLE)
1 13.225.78.57 16509 (AMAZON-02)
93 34
15    146.20.201.190 (United States)

ASN27357 (RACKSPACE, US)
remic.ca
www.remic.ca
2    13.225.78.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-76.fra2.r.cloudfront.net
cdn.wishpond.net
11    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
googleads.g.doubleclick.net
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i2.wp.com
2    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
1    13.224.193.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-62.fra2.r.cloudfront.net
tag.getdrip.com
1    45.33.56.168 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: www.campaignprotection.com
monitor.campaignprotection.com
1    13.224.193.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-5.fra2.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    2.18.234.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-132.deploy.static.akamaitechnologies.com
snap.licdn.com
1    23.111.9.38 (United States)

ASN33438 (HIGHWINDS2, US)
cdn.mouseflow.com
4    31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
2    74.125.71.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f154.1e100.net
bid.g.doubleclick.net
stats.g.doubleclick.net
4    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
9    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
www.youtube.com
2    54.146.192.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-192-246.compute-1.amazonaws.com
www.wishpond.com
2    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
1    13.224.193.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-10.fra2.r.cloudfront.net
certify.alexametrics.com
1    3.130.37.248 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-37-248.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
4    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
2    108.174.11.69 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
7    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
4    157.240.21.35 (France)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-cdt1.facebook.com
www.facebook.com
3    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
remic.zendesk.com
1    13.225.84.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-24.fra2.r.cloudfront.net
d14jnfavjicsbe.cloudfront.net
1    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
static.doubleclick.net
1    172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f97.1e100.net
yt3.ggpht.com
1    142.250.184.214 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f22.1e100.net
i.ytimg.com
1    13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net
api.getdrip.com
Domain Requested by
14 www.remic.ca www.remic.ca
10 static.zdassets.com www.remic.ca
static.zdassets.com
9 www.youtube.com www.remic.ca
www.youtube.com
7 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 www.facebook.com www.remic.ca
4 www.google.com www.remic.ca
www.youtube.com
4 www.gstatic.com www.remic.ca
www.gstatic.com
www.youtube.com
4 connect.facebook.net www.remic.ca
connect.facebook.net
3 remic.zendesk.com static.zdassets.com
3 bat.bing.com www.remic.ca
bat.bing.com
2 px.ads.linkedin.com 1 redirects www.remic.ca
2 fonts.googleapis.com www.remic.ca
2 www.wishpond.com cdn.wishpond.net
2 googleads.g.doubleclick.net www.googleadservices.com
www.youtube.com
2 www.google-analytics.com www.remic.ca
www.google-analytics.com
2 www.googleadservices.com 1 redirects www.remic.ca
2 cdn.wishpond.net www.remic.ca
cdn.wishpond.net
1 api.getdrip.com d14jnfavjicsbe.cloudfront.net
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 d14jnfavjicsbe.cloudfront.net tag.getdrip.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.linkedin.com 1 redirects
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.remic.ca
1 certify.alexametrics.com www.remic.ca
1 pixel.wp.com www.remic.ca
1 ekr.zdassets.com static.zdassets.com
1 bid.g.doubleclick.net www.googleadservices.com
1 cdn.mouseflow.com www.remic.ca
1 snap.licdn.com www.remic.ca
1 d31qbv1cthcecs.cloudfront.net www.remic.ca
1 monitor.campaignprotection.com www.remic.ca
1 tag.getdrip.com www.remic.ca
1 i2.wp.com www.remic.ca
1 www.googletagmanager.com www.remic.ca
1 stats.wp.com www.remic.ca
1 remic.ca 1 redirects
93 38
Subject Issuer Validity Valid
www.remic.ca
DigiCert SHA2 Extended Validation Server CA		 2020-09-02 -
2021-10-04		 a year crt.sh
cdn.wishpond.net
Amazon		 2020-11-19 -
2021-12-18		 a year crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-08 -
2022-07-07		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.getdrip.com
Amazon		 2021-02-27 -
2022-03-28		 a year crt.sh
campaignprotection.com
R3		 2021-09-14 -
2021-12-13		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.mouseflow.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-12 -
2022-09-14		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
wishpond.com
Amazon		 2021-04-08 -
2022-05-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-09-10 -
2021-10-10		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
remic.zendesk.com
Cloudflare Inc ECC CA-3		 2021-02-17 -
2022-02-16		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.remic.ca/
Frame ID: D319E44AD1516D759FA3C315FE0D9C3E
Requests: 63 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zQXXeoeuecw
Frame ID: A7DA196FF1C057FA947B623690E41902
Requests: 19 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9CEDEC674AF63434A8496E0CB8F8BCC9
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: AC33CA821FF006B987DAE2AD5FA5AD46
Requests: 1 HTTP requests in this frame

Frame: https://cdn.wishpond.net/storage.html
Frame ID: A50D6874D2E1FFA5EA29C30E13DC5A6C
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Frame ID: DEA750CBB0AE8106892AF76196ABA196
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 753EDD007F7A6C62E353D6B310DB20C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mortgage Broker Course,Mortgage Agent Course for Licensing in Ontario | REMIC.ca

Page URL History Show full URLs

  1. http://remic.ca/ HTTP 301
    https://www.remic.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Page Statistics

93
Requests

100 %
HTTPS

0 %
IPv6

27
Domains

38
Subdomains

34
IPs

4
Countries

3551 kB
Transfer

7498 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://remic.ca/ HTTP 301
    https://www.remic.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508418%2C2599338&time=1632333286209&url=https%3A%2F%2Fwww.remic.ca%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D508418%252C2599338%26time%3D1632333286209%26url%3Dhttps%253A%252F%252Fwww.remic.ca%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508418%2C2599338&time=1632333286209&url=https%3A%2F%2Fwww.remic.ca%2F&liSync=true
Request Chain 67
  • https://www.googleadservices.com/pagead/conversion/1005194327/wcm?cc=ZZ&dn=18774473642&cl=kz2BCKPUk20Q15io3wM&ct_eid=2 HTTP 302
  • https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18774473642&cl=kz2BCKPUk20Q15io3wM

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.remic.ca/
Redirect Chain
  • http://remic.ca/
  • https://www.remic.ca/
268 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7e6aff72d5da0ebca552218f38b93f68fb39f3a93fd0f4211ebae82ea65fbd30

Request headers

:method
GET
:authority
www.remic.ca
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 22 Sep 2021 17:54:45 GMT
content-type
text/html; charset=UTF-8
content-length
49335
last-modified
Wed, 22 Sep 2021 15:26:12 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Mon, 29 Oct 1923 20:30:00 GMT
x-powered-by
PleskLin

Redirect headers

Server
nginx
Date
Wed, 22 Sep 2021 17:54:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.34 PleskLin
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Pingback
http://www.remic.ca/xmlrpc.php
X-Redirect-By
WordPress
Set-Cookie
PHPSESSID=toi0c6m8v1urc2fb5ngt0m5uqn; path=/
Location
https://www.remic.ca/
fontawesome-webfont.woff2
www.remic.ca/wp-content/themes/inbound/fonts/ 		75 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/themes/inbound/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Request headers

:path
/wp-content/themes/inbound/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"5ea382a1-12d68"
last-modified
Sat, 25 Apr 2020 00:21:53 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=10368000
accept-ranges
bytes
content-length
77160
expires
max-age=A10368000, public
246x0.css
www.remic.ca/wp-content/cache/wpfc-minified/erkravi8/ 		225 KB
226 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/erkravi8/246x0.css
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8f83a90c321c546cacbf2c341962cb4f9ee1f21d6592926e81900554733f5572

Request headers

:path
/wp-content/cache/wpfc-minified/erkravi8/246x0.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"6138fce6-384fa"
last-modified
Wed, 08 Sep 2021 18:11:50 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
content-length
230650
expires
max-age=A10368000, public
21e36.css
www.remic.ca/wp-content/cache/wpfc-minified/o67ubf0/ 		50 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/o67ubf0/21e36.css
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a8cc8041caa423e83f8a21a3ada846454d2a332f9df51c83691b90bc14363d85

Request headers

:path
/wp-content/cache/wpfc-minified/o67ubf0/21e36.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"6138e2fc-c91e"
last-modified
Wed, 08 Sep 2021 16:21:16 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
content-length
51486
expires
max-age=A10368000, public
aokm.css
www.remic.ca/wp-content/cache/wpfc-minified/kogvzbks/ 		102 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/kogvzbks/aokm.css
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0394ebd94c0f0249276090cde3aa97df71cc5f4756cc9169b7315baf9202fb2e

Request headers

:path
/wp-content/cache/wpfc-minified/kogvzbks/aokm.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"6137951e-19961"
last-modified
Tue, 07 Sep 2021 16:36:46 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
content-length
104801
expires
max-age=A10368000, public
21e36.css
www.remic.ca/wp-content/cache/wpfc-minified/mac2k7ag/ 		298 KB
298 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/mac2k7ag/21e36.css
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e3bfebd6de366c657e2c35d0d1f0fa45e272b0edb0075b5484d329a612d17d12

Request headers

:path
/wp-content/cache/wpfc-minified/mac2k7ag/21e36.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"6138e2fc-4a691"
last-modified
Wed, 08 Sep 2021 16:21:16 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
content-length
304785
expires
max-age=A10368000, public
aonf.css
www.remic.ca/wp-content/cache/wpfc-minified/8j2hv27x/ 		44 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/8j2hv27x/aonf.css
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
85c8dd02d290c8af679e234cd37eb21ffcd5b2cdd88f649ec727aa7bbc955741

Request headers

:path
/wp-content/cache/wpfc-minified/8j2hv27x/aonf.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"61379551-b16c"
last-modified
Tue, 07 Sep 2021 16:37:37 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
content-length
45420
expires
max-age=A10368000, public
aong.js
www.remic.ca/wp-content/cache/wpfc-minified/mkoqxx5j/ 		162 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/mkoqxx5j/aong.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8def7f14fd6890d3dab7a296f963d5bf9dfe362f507e0a31f1ad034f5a08ba9a

Request headers

:path
/wp-content/cache/wpfc-minified/mkoqxx5j/aong.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"61379552-286d3"
last-modified
Tue, 07 Sep 2021 16:37:38 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=10368000
accept-ranges
bytes
content-length
165587
expires
max-age=A10368000, public
connect.js
cdn.wishpond.net/ 		157 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wishpond.net/connect.js?merchantId=106971&writeKey=fd4dcb19c027
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-76.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
1cf8f82ea1fee9bb2e05066d1287ac05b0d657f72eff947ba9272fa1c3322749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 22:00:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 19:17:23 GMT
server
nginx/1.17.5
age
417279
etag
W/"613fa3c3-272e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control
public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7nGHgjNDGakn_k2IvjFa-47V_BnNsB0rEimRy5PqO6dK02rAzZIz0g==
snippet.js
static.zdassets.com/ekr/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=e10357ca-aa64-42fb-86ec-ea8741e6481f
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
AN5PP6HRM85MG7D2
x-amz-id-2
a9018YetnLiLRgN3YvI3upt4GKHLetSKBGKSGjEVE0C4qXQCz+YQIzGlHRrMzLonKPCSeiFj57g=
last-modified
Wed, 09 Jun 2021 00:08:59 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkp3S6qS8GqvYn4%2FSnFvpajKKxclU2%2F1k9Y82Y01WfnMG6SLhL8BoctNRdUoD7ENDRfqulmUGg%2F3XmqqkHORCqo9ocINrX5m7Tk7XrLEdpMEGL6jprKQ3CG6RAHkixPkDBbGZvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray
692d66795a7c43b8-FRA
conversion.js
www.googleadservices.com/pagead/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b43f930091a523037570fc01859bf601aac31008b755c951eab5a4735bd379a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17375
x-xss-protection
0
server
cafe
etag
1406233873247679053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Sep 2021 17:54:45 GMT
246x0.js
www.remic.ca/wp-content/cache/wpfc-minified/2paikmql/ 		202 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/2paikmql/246x0.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0fc36e408509d470de842bff3481eed0233c8b7f7ac7146131c9204ea80e736c

Request headers

:path
/wp-content/cache/wpfc-minified/2paikmql/246x0.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"6138fce6-32719"
last-modified
Wed, 08 Sep 2021 18:11:50 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=10368000
accept-ranges
bytes
content-length
206617
expires
max-age=A10368000, public
246x0.js
www.remic.ca/wp-content/cache/wpfc-minified/1z394mh/ 		485 KB
486 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/cache/wpfc-minified/1z394mh/246x0.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4d1d02d4e169aa8314e5198ca89d17b36e1cb025fd3b6489e5d7cff0291cf7d6

Request headers

:path
/wp-content/cache/wpfc-minified/1z394mh/246x0.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"6138fce6-7933e"
last-modified
Wed, 08 Sep 2021 18:11:50 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=10368000
accept-ranges
bytes
content-length
496446
expires
max-age=A10368000, public
e-202138.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202138.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn
date
Wed, 22 Sep 2021 17:54:45 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Sep 2022 00:30:46 GMT
gtm.js
www.googletagmanager.com/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KPMVTJW
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ae8fb628dfb9e6a4d1107de3803e158ab0165653dd4c3f99ed50e06222d39350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49631
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:32:57 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 17:54:45 GMT
truncated
/ Frame A7DA 		37 B
37 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 9CED 		37 B
37 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
home-banner.jpg
www.remic.ca/wp-content/uploads/2020/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.remic.ca/wp-content/uploads/2020/04/home-banner.jpg
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b0890e8ce9f7e414b551f9bc114c980fdff7e07fba5b0460e2c20c1ec55ab07d

Request headers

:path
/wp-content/uploads/2020/04/home-banner.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
last-modified
Fri, 11 Sep 2020 19:53:54 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=10368000
accept-ranges
bytes
content-length
9180
expires
max-age=A10368000, public
banner-onlinecourse.jpg
i2.wp.com/www.remic.ca/wp-content/uploads/inbound_exports/inbound-onlinecourse-2345/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.remic.ca/wp-content/uploads/inbound_exports/inbound-onlinecourse-2345/banner-onlinecourse.jpg?fit=1800%2C1200&ssl=1
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
896b5cd7f161ee1b411c2d6e1eba1a4a169b8392310f0b2513e0c0365f5582e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 22 Sep 2021 17:54:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 15:36:02 GMT
server
nginx
etag
"3b58aa54b24ce796"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.remic.ca/wp-content/uploads/inbound_exports/inbound-onlinecourse-2345/banner-onlinecourse.jpg>; rel="canonical"
content-length
63140
expires
Mon, 11 Sep 2023 03:36:02 GMT
fontawesome-webfont.woff2
www.remic.ca/wp-content/themes/inbound/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-content/themes/inbound/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/wp-content/cache/wpfc-minified/mac2k7ag/21e36.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes/inbound/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://www.remic.ca
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.remic.ca
referer
https://www.remic.ca/wp-content/cache/wpfc-minified/mac2k7ag/21e36.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.remic.ca/wp-content/cache/wpfc-minified/mac2k7ag/21e36.css
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
etag
"5ea382a1-12d68"
last-modified
Sat, 25 Apr 2020 00:21:53 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=10368000
accept-ranges
bytes
content-length
77160
expires
max-age=A10368000, public
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3765
date
Wed, 22 Sep 2021 16:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 22 Sep 2021 18:52:00 GMT
1186497.js
tag.getdrip.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.getdrip.com/1186497.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa13b1c709e1d61579f518c6a6945f6b050554146c324704109190952cd1781e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:47 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 14:26:05 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"a592efd4675d227f63d2267fa181bc41"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
5ylHuExz2hJexBcImsbTSIAXuK42Aq3rO8wZKAuERB7QI3hx1nGK_A==
track.js
monitor.campaignprotection.com/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monitor.campaignprotection.com/track.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.56.168 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
www.campaignprotection.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
db2f722abff07c6f5446353d7e1a19db288627981d3c929958a94d47b07a2dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 00:40:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"60a5afe8-abee"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
44014
x-xss-protection
1; mode=block
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-5.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
12786440
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
81CxuFqry9WROfZk2BpRf7E5tXCC9sPjjQSkJ0R6-Xv4wbO6eN0oDQ==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 17:54:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=11016
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
6994c45d-48cf-4288-b8c1-94b81196086d.js
cdn.mouseflow.com/projects/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/6994c45d-48cf-4288-b8c1-94b81196086d.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f5af286b5f889344e31da3bf4e2f28e74d522a8a99254fe398ff235d6594cc33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:49:21 GMT
server
NetDNA-cache/2.2
etag
W/"ed13ef4a3a5d71:0"
x-cache
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
MUz8zmb+UU9O76xHjeiJRumA/xmh1Jq/yWTq6F2oas/7kxVuEVWx7Tahjh5365zaTWkG9vghGRKatzOOT9z3AQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 22 Sep 2021 17:54:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
c4379576db6173e3fe41fd24fb7882431f241cf2929a8dfdeceaaf3a6596b0b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QtI/FHpulU2JwmokXB1UNg==
cross-origin-resource-policy
cross-origin
expires
Wed, 22 Sep 2021 18:09:56 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
nwZMd2p0hh5hOySN3wofxzJFV1banzYQrjnkpXu5WgQR5wtRtjMnL7VncQomlY3OMH1SMmDhCGBnXem/ghJgFA==
x-fb-trip-id
2050670934
x-fb-content-md5
b63a2e564e883b194bb6dccc76c6c99d
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 22 Sep 2021 17:54:45 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c56344cf7dd9f6c7f21c85e759e84f98"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005194327/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005194327/?random=1632333285977&cv=9&fst=1632333285977&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.remic.ca%2F&tiba=Mortgage%20Broker%20Course%2CMortgage%20Agent%20Course%20for%20Licensing%20in%20Ontario%20%7C%20REMIC.ca&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
29845c603b8e8a7e28eeb6fef78c67a486901af473f8b3e520203385a771130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame AC33 		0
580 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.remic.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 22 Sep 2021 17:54:46 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 22-Sep-2021 18:09:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 22 Sep 2021 17:54:46 GMT
cache-control
private
loader.js
www.gstatic.com/wcm/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:24:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
1838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Sep 2021 18:24:08 GMT
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:45 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref
Ref A: 46DA95CBDB2943898FCDDDA50FC1CEB6 Ref B: PRG01EDGE1121 Ref C: 2021-09-22T17:54:46Z
etag
"80386a5f63aad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9827
zQXXeoeuecw
www.youtube.com/embed/ Frame A7DA 		56 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/zQXXeoeuecw
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/wp-content/cache/wpfc-minified/1z394mh/246x0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
ESF /
Resource Hash
22042fdc7f4bed0bf98d21408f0fd136f14ac16532f07c0af1ace75e3f51c85f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/zQXXeoeuecw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.remic.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 22 Sep 2021 17:54:46 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=Pl4C_qCMo3w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=L7gHQmz4ee4; Domain=.youtube.com; Expires=Mon, 21-Mar-2022 17:54:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
remic-white.png
www.remic.ca/wp-content/uploads/2020/04/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.remic.ca/wp-content/uploads/2020/04/remic-white.png
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0b3746840e769a5c0f67524fa1cefb815dde1c9527970018fb4451917e556f6b

Request headers

:path
/wp-content/uploads/2020/04/remic-white.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
last-modified
Fri, 11 Sep 2020 19:54:05 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=10368000
accept-ranges
bytes
content-length
1226
expires
max-age=A10368000, public
wp-emoji-release.min.js
www.remic.ca/wp-includes/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.remic.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.20.201.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.remic.ca
referer
https://www.remic.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
etag
"60391a62-3795"
last-modified
Fri, 26 Feb 2021 15:57:22 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=10368000
accept-ranges
bytes
content-length
14229
expires
max-age=A10368000, public
e10357ca-aa64-42fb-86ec-ea8741e6481f
ekr.zdassets.com/compose/ 		525 B
1020 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/e10357ca-aa64-42fb-86ec-ea8741e6481f
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e10357ca-aa64-42fb-86ec-ea8741e6481f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bdd18bc55ad2e5fb86d82204169218964925cb3dfe30791fa517364db2795c8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
7f86c01a-9500-498b-a057-ed4b66f96faa
x-runtime
0.001984
server
cloudflare
etag
W/"5bdd18bc55ad2e5fb86d822041692189"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpQ30KCaxfmjzlz7S0Bd3qO%2BSjHYJDduh81FIug9PAyAVUfTYyWohj5ZbkUd1WyKeR%2FHN2zKsGEQM1wlnGW%2B%2BSVQIuaixrLRnBiEE2Zvz%2FW3N9oibjP4U8%2BzHnxElwrp9V4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
692d667df9574a68-FRA
storage.html
cdn.wishpond.net/ Frame A50D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.wishpond.net/storage.html
Requested by
Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=106971&writeKey=fd4dcb19c027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-76.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b

Request headers

:method
GET
:authority
cdn.wishpond.net
:scheme
https
:path
/storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.remic.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/

Response headers

content-type
text/html; charset=UTF-8
server
nginx/1.17.5
last-modified
Thu, 18 Feb 2021 20:51:18 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 22 Sep 2021 01:27:10 GMT
cache-control
public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800
etag
W/"602ed346-c7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
je4H9Phb-9Qm-jvXcqbRlKTszGoDS9l_-ttJuVbSAc1_5k4p_KG4ZQ==
age
469347
popups.json
www.wishpond.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.wishpond.com/popups.json?merchant_id=106971&url=https%3A%2F%2Fwww.remic.ca%2F
Protocol
H2
Server
54.146.192.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-192-246.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://www.remic.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-type
text/plain
server
nginx/1.17.5
vary
Accept-Encoding
strict-transport-security
max-age=300
access-control-allow-origin
https://www.remic.ca
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
x-request-id
a423eae8-0d09-4640-89b1-a072c9550e98
x-runtime
0.000786
x-download-options
noopen
content-encoding
gzip
popups.json
www.wishpond.com/ 		13 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wishpond.com/popups.json?merchant_id=106971&url=https%3A%2F%2Fwww.remic.ca%2F
Requested by
Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=106971&writeKey=fd4dcb19c027
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.192.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-192-246.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.remic.ca/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON"
strict-transport-security
max-age=300
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
dfe54a6b-9a45-474e-b1d0-316ba25f4807
x-runtime
0.011001
server
nginx/1.17.5
x-frame-options
DENY
x-download-options
noopen
access-control-max-age
600
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language
de-DE
access-control-allow-origin
https://www.remic.ca
access-control-expose-headers
access-control-allow-credentials
true
content-security-policy
default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-type
application/json; charset=utf-8
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=141993450&post=63&tz=0&srv=www.remic.ca&host=www.remic.ca&ref=&fcp=2134&rand=0.2933735770779531
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
css
fonts.googleapis.com/ 		6 KB
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A600%7COpen+Sans%3A600%7COpen+Sans%3A400n%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A400%7COpen+Sans%3A700%7COpen+Sans%3A600
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
9dd7262de6976d2a1cd7286f9b4db4c57a61b3e66435e16577309a815b944c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 17:54:46 GMT
server
ESF
date
Wed, 22 Sep 2021 17:54:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 17:54:46 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular,700,300italic,300,500%7cLato:700%7cOpen+Sans:regular%26subset=latin
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
5097bc4bb7c7805e8715a00dde2691d98c427122cfe6ba32c9ba6224337c9d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 17:54:46 GMT
server
ESF
date
Wed, 22 Sep 2021 17:54:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 17:54:46 GMT
collect
www.google-analytics.com/j/ 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=757695677&t=pageview&_s=1&dl=https%3A%2F%2Fwww.remic.ca%2F&ul=en-us&de=UTF-8&dt=Mortgage%20Broker%20Course%2CMortgage%20Agent%20Course%20for%20Licensing%20in%20Ontario%20%7C%20REMIC.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1338098188&gjid=1017229244&cid=524686524.1632333286&tid=UA-35797985-1&_gid=1826604237.1632333286&_r=1&_slc=1&z=1983945298
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.remic.ca/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 17:54:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.remic.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Mortgage%20Broker%20Course%2CMortgage%20Agent%20Course%20for%20Licensing%20in%20Ontario%20%7C%20REMIC.ca&time=1632333286207&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.remic.ca%2F&random_number=1814739265&sess_cookie=20bd9ea917c0ea54b3e6c1ffd89&sess_cookie_flag=1&user_cookie=20bd9ea917c0ea54b3e6c1ffd89&user_cookie_flag=1&dynamic=true&domain=remic.ca&account=pNVQf1aYS500yH&jsv=20130128&user_lang=en-US
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-10.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 03:30:18 GMT
Via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
51868
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
GjMPPiu1adsLr51_5scUktgq9j5WSZcj8_R7lvDuycGtJAgcjRfwqg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.37.248 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-37-248.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
server
Server
sdk.js
connect.facebook.net/en_US/ 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1bf42e02eaeb51376edc3488beaf2360
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
14ad55b0198a37c887ea0f3b574916279e41be98137ededca8e91c39a3e281e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.remic.ca/
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
IQmb5AVvFOzopTfgDTQncw==
cross-origin-resource-policy
cross-origin
expires
Thu, 22 Sep 2022 12:58:50 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66989
x-fb-rlafr
0
x-fb-debug
l0vWEyvQEvBMQmsynUGamun92HrGr9r77yYRjgMIss4egHAec1NrT5ZeFK62twLijQnJeu9taQe9AuhCryf1YA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a8ddb28573074b9c1c207e806391bf3c
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 22 Sep 2021 17:54:46 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3472f5e3100757f16c19baa6e3322625"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
www.google.com/pagead/1p-user-list/1005194327/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1005194327/?random=1632333285977&cv=9&fst=1632330000000&num=1&guid=ON&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.remic.ca%2F&tiba=Mortgage%20Broker%20Course%2CMortgage%20Agent%20Course%20for%20Licensing%20in%20Ontario%20%7C%20REMIC.ca&fmt=3&is_vtc=1&random=1125404997&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 17:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 10:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 10:52:12 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508418%2C2599338&time=1632333286209&url=https%3A%2F%2Fwww.remic.ca%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D508418%252C2599338%26time%3D1632333286209%26url%3Dhttps%253A%252F%252Fwww.remic.c...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508418%2C2599338&time=1632333286209&url=https%3A%2F%2Fwww.remic.ca%2F&liSync=true
0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508418%2C2599338&time=1632333286209&url=https%3A%2F%2Fwww.remic.ca%2F&liSync=true
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-69.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:47 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-eda6
content-type
application/javascript
content-length
0
x-li-uuid
DZgO4nk2pxawFYtVXCsAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXMmTW35mN8URc8tlFh2A==
pragma
no-cache
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9E752CC3B05348BFB4F71343E1132888 Ref B: PRG01EDGE1019 Ref C: 2021-09-22T17:54:46Z
date
Wed, 22 Sep 2021 17:54:46 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508418%2C2599338&time=1632333286209&url=https%3A%2F%2Fwww.remic.ca%2F&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700,300italic,300,500%7cLato:700%7cOpen+Sans:regular%26subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
4983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700,300italic,300,500%7cLato:700%7cOpen+Sans:regular%26subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:13:08 GMT
x-content-type-options
nosniff
age
135698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 04:13:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700,300italic,300,500%7cLato:700%7cOpen+Sans:regular%26subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
4983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700,300italic,300,500%7cLato:700%7cOpen+Sans:regular%26subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
4986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700,300italic,300,500%7cLato:700%7cOpen+Sans:regular%26subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
4986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700,300italic,300,500%7cLato:700%7cOpen+Sans:regular%26subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.remic.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:37:36 GMT
x-content-type-options
nosniff
age
4630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17484
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:37:36 GMT
410214759401224
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/410214759401224?v=2.9.46&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
dc854ea3dca6d49f7bc06a5c62dc0afa7f601e709bd98bc8dc7a5c9e044c3f47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
sozmW+Q/QVmBPAj8/XdTMIUTvpJa5a1FuPW8h47z6elWSzHHIxJQ0TBctyZ65D6/GE2zegzJ0CMuTe3xmTWaaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 22 Sep 2021 17:54:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
11005562.js
bat.bing.com/p/action/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/11005562.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Sep 2021 17:54:46 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 7DFAA4AE553D4A9C88E18F9D90CA4D88 Ref B: PRG01EDGE1121 Ref C: 2021-09-22T17:54:46Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=11005562&Ver=2&mid=47f1c270-6806-4287-a426-a07308a3dfba&sid=2c578f201bce11ecb21fad08a2c117c5&vid=2c57a3d01bce11ecaca0dd39f92cdf43&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mortgage%20Broker%20Course,Mortgage%20Agent%20Course%20for%20Licensing%20in%20Ontario%20%7C%20REMIC.ca&p=https%3A%2F%2Fwww.remic.ca%2F&r=&lt=2333&evt=pageLoad&msclkid=N&sv=1&rn=690302
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Sep 2021 17:54:46 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: E225967D0CF74D368FB8F5C7793E7472 Ref B: PRG01EDGE1121 Ref C: 2021-09-22T17:54:46Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-35797985-1&cid=524686524.1632333286&jid=1338098188&gjid=1017229244&_gid=1826604237.1632333286&_u=IEBAAEAAAAAAAC~&z=80052975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.remic.ca/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 22 Sep 2021 17:54:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.remic.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-35797985-1&cid=524686524.1632333286&jid=1338098188&_u=IEBAAEAAAAAAAC~&z=2107676555
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 17:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/202721c6/ Frame A7DA 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zQXXeoeuecw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
sffe /
Resource Hash
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zQXXeoeuecw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:45:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
180530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46356
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:45:56 GMT
www-embed-player.js
www.youtube.com/s/player/202721c6/www-embed-player.vflset/ Frame A7DA 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zQXXeoeuecw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
sffe /
Resource Hash
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zQXXeoeuecw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:49:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67318
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 22 Sep 2022 17:49:51 GMT
base.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame A7DA 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zQXXeoeuecw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
sffe /
Resource Hash
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zQXXeoeuecw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
180595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
517198
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:51 GMT
fetch-polyfill.js
www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/ Frame A7DA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zQXXeoeuecw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zQXXeoeuecw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
180608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A7DA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zQXXeoeuecw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
118019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 09:07:47 GMT
/
www.facebook.com/tr/ 		44 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=183071808377931&ev=fb_page_view&dl=https%3A%2F%2Fwww.remic.ca%2F&rl=&if=false&ts=1632333286369&sw=1600&sh=1200&at=
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.21.35 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-cdt1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 22 Sep 2021 17:54:46 GMT
wcm
www.google.com/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1005194327/wcm?cc=ZZ&dn=18774473642&cl=kz2BCKPUk20Q15io3wM&ct_eid=2
  • https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18774473642&cl=kz2BCKPUk20Q15io3wM
80 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18774473642&cl=kz2BCKPUk20Q15io3wM
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Wed, 22 Sep 2021 17:54:46 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18774473642&cl=kz2BCKPUk20Q15io3wM
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.remic.ca
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
web-widget-preload-416078d2328fdddb17be.js
static.zdassets.com/web_widget/latest/ Frame DEA7 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e10357ca-aa64-42fb-86ec-ea8741e6481f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2527b9c7c260faf84f105531488710bd08812666b7f03424562ed0f83ebf4c7d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222548
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54XWRJSR9CJQ4X1
x-amz-id-2
x6t65lba6SMWfBgtdCuccM78u2UnFvHVbWfW8wbLRQwzgX6e1bH1zADPPP2rODyfH6fdjZVvigo=
last-modified
Fri, 17 Sep 2021 06:57:52 GMT
server
cloudflare
etag
W/"9a2c01dc67c2bf7a9e783c0451d450fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0egXxERoljcR8eGbyBYfpO0nNnjTvFGgou7kw3OO4S7yU1VZ3QIyhqDnzlirYfLzfi4aNgx4weFjKLyTxHwlqsNqLWEQUfAvXxHMtQ5FJHzy6fOXLphJEVsIzZSfmkjpF%2F%2BJ9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Srkd7MMWrMIxbmaSxf4Q6zSCgHQyx.VZ
cf-ray
692d667fea3543b8-FRA
expires
Sat, 17 Sep 2022 06:57:50 GMT
web-widget-framework-7a0e3c94c555a139ce02.js
static.zdassets.com/web_widget/latest/ Frame DEA7 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e10357ca-aa64-42fb-86ec-ea8741e6481f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c322a7503a4e53b8b3ede9c57b7f4a4d8b76d09ccbff2d653672d1860a2c7c26
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222548
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54MXNECAK0XBT9J
x-amz-id-2
R8W9yxIHJjUYUovWOt4UrXAIVF1TVQr2GfY3VvgXE4MS6DRPSLJTAIw43LVX2b+MAg5K2aTxIWs=
last-modified
Fri, 17 Sep 2021 06:57:52 GMT
server
cloudflare
etag
W/"cec54a8b5c79bb251a12a66ce66798c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXfXJUR0TZ9PZMDQQXMhA2FaECsJUFq%2FQmauVswlqtcvXVYsKX2Y12eb2nSEFY6h62BbQx5OjuguTJZSykGVmfp8J451llqDQXITaeTwSvmE3pyB1HB6Q%2B9Y0owR7FMjs644DaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
_0OWJBCKJnSIFjW_HM6eyShjuGWoRFQr
cf-ray
692d667ffa4043b8-FRA
expires
Sat, 17 Sep 2022 06:57:51 GMT
web-widget-chat-sdk-ad0bca0cd862985f164f.js
static.zdassets.com/web_widget/latest/ Frame DEA7 		203 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e10357ca-aa64-42fb-86ec-ea8741e6481f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2564505
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
95ZJNECBJJPS7GC4
x-amz-id-2
3/yf0H9Zopc/y2rU3QPSJDq1Kko8+MTWJB0LpIH4o+lrmvjTlPRSgMboS3jQnFkxJOtWMq8UFU4=
last-modified
Mon, 23 Aug 2021 23:30:15 GMT
server
cloudflare
etag
W/"093f405bc41723c43486a657a0e1a173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY7EQTjRTh1u895Q9n1J5mKAcb7GSZM4u5SeQeZld4zjhiPGkVLx%2B8S1SxrqIAHJE5K3hyPaPONHZ5GZ952%2BoPaUdkI%2FTN70hkl4ZYbfbJnuHGzNcJ9pxKuc64rZMErB30bwzOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
wY3FbPeO1JSLC6dhSs9NxsYVyHmXlIn9
cf-ray
692d667ffa4943b8-FRA
expires
Tue, 23 Aug 2022 23:30:13 GMT
config
remic.zendesk.com/embeddable/ 		492 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://remic.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e10357ca-aa64-42fb-86ec-ea8741e6481f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b810a8da5a32344eb59a3360c521ca35accc474db4b89e9418fcb34298bffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-zendesk-origin-server
embeddable-app-server-5f57bb499f-5fmp6
access-control-allow-methods
GET
strict-transport-security
max-age=31536000;
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
692d66806e8dc277-IAD, 692d66806e8dc277-IAD
x-runtime
0.024615
server
cloudflare
etag
W/"32b810a8da5a32344eb59a3360c521ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D51A96cysr72oYoaFaXVytjRYSJcwxSCG%2BCGsbjEZVw9QDZGf0fBmKgqKw8%2FZTL48J4EvQIxIIgq52XFQ3iWKmzbzbLEQkB4BTDW02W5ie%2FXGWw%2BjqCVoFtk7FwGmNiV4Wxm"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
692d66806e8dc277-FRA
client.js
d14jnfavjicsbe.cloudfront.net/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d14jnfavjicsbe.cloudfront.net/client.js
Requested by
Host: tag.getdrip.com
URL: https://tag.getdrip.com/1186497.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04eb3e5664578ad2db355c631fc108d165a4219efe2fdd27388255ae7580b69a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:50:49 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 17:19:21 GMT
server
AmazonS3
age
243
etag
W/"6c90e78cf34e4cbd46f22dbd6a79c753"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control
max-age=300
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-meta-md5sum
bJDnjPNOTL1G8i29annHUw==
x-amz-cf-id
Snc8blav4JW7yXYFHWg4kDX_7ZD9sN5mcq7kBK9y5nL-AWXRF8Djag==
id
googleads.g.doubleclick.net/pagead/ Frame A7DA 		113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
645fdb120bfb83d9ef8c12397a4aa4a3b4d69f700b8a0dd6d88d17b6cf44c4fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A7DA 		29 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:42:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
708
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 22 Sep 2021 17:57:58 GMT
remote.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame A7DA 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
sffe /
Resource Hash
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zQXXeoeuecw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
180595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29973
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:51 GMT
EWy-AQV1UPoR_yYiMIFOvRAIrcYXYpRYkvBHwHw3rlg.js
www.google.com/js/th/ Frame A7DA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/EWy-AQV1UPoR_yYiMIFOvRAIrcYXYpRYkvBHwHw3rlg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
116cbe01057550fa11ff262230814ebd1008adc61762945892f047c07c37ae58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 05:14:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
45593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13227
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 22 Sep 2022 05:14:53 GMT
embed.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame A7DA 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
sffe /
Resource Hash
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zQXXeoeuecw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:45:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
180536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7353
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:45:50 GMT
truncated
/ Frame A7DA 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQmh42f3G6ssfj8gkg3v8aSwosKjisB0hOwFTm9=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A7DA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQmh42f3G6ssfj8gkg3v8aSwosKjisB0hOwFTm9=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zQXXeoeuecw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
fife /
Resource Hash
cbed663a194714f5d1e74148eb508e33689f5ba894c225e78b7466d5c3c3320d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:26 GMT
x-content-type-options
nosniff
age
5000
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2702
x-xss-protection
0
server
fife
etag
"v61"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 29 Aug 2021 19:53:54 GMT
sddefault.webp
i.ytimg.com/vi_webp/zQXXeoeuecw/ Frame A7DA 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/zQXXeoeuecw/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zQXXeoeuecw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f22.1e100.net
Software
sffe /
Resource Hash
b75425fe364ca2bc8af11e76e45d33cdc43d086240b2e574fd08a458a07b5beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17556
x-xss-protection
0
server
sffe
etag
"1629913124"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Sep 2021 19:54:46 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=410214759401224&ev=PageView&dl=https%3A%2F%2Fwww.remic.ca%2F&rl=&if=false&ts=1632333286589&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632333286588.1066700677&it=1632333286267&coo=false&rqm=GET
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.21.35 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-cdt1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 22 Sep 2021 17:54:46 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=410214759401224&ev=ViewContent&dl=https%3A%2F%2Fwww.remic.ca%2F&rl=&if=false&ts=1632333286592&sw=1600&sh=1200&v=2.9.46&r=stable&ec=1&o=30&fbp=fb.1.1632333286588.1066700677&it=1632333286267&coo=false&rqm=GET
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.21.35 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-cdt1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 22 Sep 2021 17:54:46 GMT
visit
api.getdrip.com/client/events/ 		84 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.getdrip.com/client/events/visit?drip_account_id=1186497&referrer=&url=https%3A%2F%2Fwww.remic.ca%2F&domain=www.remic.ca&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_416974354
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
0f94bef064dfd682652a2127f0311c19395f9302037eeb85855bf1d6cb13664a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
84
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
bb5d5767-3452-4706-9654-683f78858d10
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
GE4cFHFroAMFy8A=
content-length
84
x-xss-protection
1; mode=block
x-request-id
b7a0ac57-d636-407b-b42d-d53e32cf0622
x-runtime
0.029881
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"0f94bef064dfd682652a2127f0311c19"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Wed, 22 Sep 2021 17:54:46 GMT
x-amz-cf-id
Se3raGgvd4NNXZFCA2_zQ9gPImmHHU9EqFIN_YzyjQ5h4CN7uVjYiA==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A7DA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview"
expires
Wed, 22 Sep 2021 17:54:48 GMT
generate_204
www.youtube.com/ Frame A7DA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ozilCw
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zQXXeoeuecw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
de-de-json-d7ee6cb4b3f57aabe16b.js
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame DEA7 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-d7ee6cb4b3f57aabe16b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222548
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54RYEY0GNGYVB0W
x-amz-id-2
RThDjIV8MVLASR36XpDFYEPBQhHWm7FHdST+ml6bpeGCoY8XABbZLywvvIHMmoMB+YnGjbtNFY8=
last-modified
Mon, 20 Sep 2021 03:46:48 GMT
server
cloudflare
etag
W/"811ba5198de03eb639ced23b0c55e764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPgIvp5Hiiwz2u1d4q8r0spWY1xU4yuIyUjlldsQSqr4zxVlgplr%2BMEVOZCobtmab1p0C9wcUcjoWiuLmai53Rr6EtJfnIqjTjIewBKhtlQbSvKZr0rAYDzDlc40x5ICanqyjwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Ad26HWM94n9oSNA2XO5q9d8tXRaFBL8q
cf-ray
692d66821f7243b8-FRA
expires
Tue, 20 Sep 2022 03:46:47 GMT
web-widget-7487-813b8c77d5c0e8d0d00a.js
static.zdassets.com/web_widget/latest/ Frame DEA7 		340 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-7487-813b8c77d5c0e8d0d00a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce84019b653e1ad1664c5a85b1d0263a4e4e9223d5070f3a60c65e363406719a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23319
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQM0E70QGHCFB2W
x-amz-id-2
73YkqsuaQuQouNKAJNmd9CYRpz95lz5ew7jn31aI//rFfG4WhCepV9jPj5+j+trCfNeAKAro5KM=
last-modified
Mon, 13 Sep 2021 23:45:48 GMT
server
cloudflare
etag
W/"b09bbdba067caac0d4cefb3cc1142b84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCb4TFAWurqT3QIWxjBn9coTZJwwLo%2FS%2FtN9nWgjSC7Ih8WFoGipYfmfwyxjSAgxD4u1mfrHouQZ%2BTVtsFYHr47OpiOhJTNNE3b06Om8OnhI4apf3xv8WYGTmXjX9ovYx8sKTVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
uS5dZl.YNc6jj_t0cS60aE2lFJFk5MUV
cf-ray
692d66823fd343b8-FRA
expires
Tue, 13 Sep 2022 23:45:47 GMT
web-widget-2765-b06562d67a25c346a78a.js
static.zdassets.com/web_widget/latest/ Frame DEA7 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-2765-b06562d67a25c346a78a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d1cd4d430e5cef6f3e30e994df78ab3b937295b5bc69900a3f05e73424fb9e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
672067
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQHM1QNYA499P06
x-amz-id-2
pa0g6ApCgS/+jXCeilPIWv7QwYYuEvV5aW001nS6JgjsCWL+ovvF0P60U1v0o1SoJDD/9i6ALrI=
last-modified
Mon, 13 Sep 2021 23:45:49 GMT
server
cloudflare
etag
W/"0bc1a1b4bd1a31033986b000da94d291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1HN3hdFuY7VFrQEgRb3wM41zEynKfihemusitNTaTB2%2BLkNrrj95fLD5E5U6TqHKzTwVwmZxrrU01%2FFmbtAQhAS4YKnjC2Oux2Lt1EPt2UwmPeRCw9OwJYYH0wKMqCBmUM%2FEM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
A1v2De1d.Np63il34KlS.L5PoKQUdcZa
cf-ray
692d66823fd843b8-FRA
expires
Tue, 13 Sep 2022 23:45:47 GMT
web_widget-945b35e58f786cf38aa6.js
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame DEA7 		419 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-945b35e58f786cf38aa6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c395d504fb7a48bf0331277cfbd02463fe12e2a299c03c58957be2cccbe53540
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1669
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54MY2XQ2Y223YP0
x-amz-id-2
Fxe0iIQjuLUItO8iTkrGzDLbs3FlFqqXhaI/7bI+fKQsXJnHBRoQ7YDxqRLThnMgBCqrhGWJqtE=
last-modified
Mon, 20 Sep 2021 03:45:54 GMT
server
cloudflare
etag
W/"68ed4c61becc367ee01cafbf4cb0c6c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jb46SuXJPOmKcjhrOvDWg4QThFQNSkTPXHLisj%2BkKjtqWaNjJdifH3x5h27FPSrspPzl6vR8KGgmwU4CrvjArQrJL%2BmjAJjIke9w1zmusNgIxTSeWxDfXPmhI5G4MAIM3xxxS2g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
KAn5UqkYYSyktntPcUhTA9XmloUei0lV
cf-ray
692d66823fd943b8-FRA
expires
Tue, 20 Sep 2022 03:45:53 GMT
embeddable_blip
remic.zendesk.com/ Frame DEA7 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://remic.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiI4NjA2NTQyZjgyYzk0ZWUyMWRjOWE0MDEzNjFjMWQ3ZCIsInN1aWQiOiIxNTMxMzhkODVjNDZhYjA2OTk5ZTVjYjUwMTYwNDJmMSIsInZlcnNpb24iOiJmZDBhMDI1MzEiLCJ0aW1lc3RhbXAiOiIyMDIxLTA5LTIyVDE3OjU0OjQ2Ljg2NVoiLCJ1cmwiOiJodHRwczovL3d3dy5yZW1pYy5jYS8ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dUbkJyyTUzfwIF6R4ilFwAevoImGnl5NDVl9sSLdq6HZQhQw15dgP2AryfFyUzw5uQzuVUk1w9fhHnDCEmXFbHhQ02xQ46kOtYLK5RZ8OyYS0MnV8Cxsry55U1XKWdY6F2O"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.remic.ca
accept-ranges
bytes
cf-ray
692d6682f9f5c277-FRA
vary
Accept-Encoding
content-length
0
x-request-id
8e8bc56972ee6b30749d6079b2840d58
embeddable_blip
remic.zendesk.com/ Frame DEA7 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://remic.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly93d3cucmVtaWMuY2EvIiwidGltZSI6NDAsImxvYWRUaW1lIjoyNS41LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiTW9ydGdhZ2UgQnJva2VyIENvdXJzZSxNb3J0Z2FnZSBBZ2VudCBDb3Vyc2UgZm9yIExpY2Vuc2luZyBpbiBPbnRhcmlvIHwgUkVNSUMuY2EiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEsIHVzZXItc2NhbGFibGU9bm8iLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6Ijg2MDY1NDJmODJjOTRlZTIxZGM5YTQwMTM2MWMxZDdkIiwic3VpZCI6IjE1MzEzOGQ4NWM0NmFiMDY5OTllNWNiNTAxNjA0MmYxIiwidmVyc2lvbiI6ImZkMGEwMjUzMSIsInRpbWVzdGFtcCI6IjIwMjEtMDktMjJUMTc6NTQ6NDYuOTA1WiIsInVybCI6Imh0dHBzOi8vd3d3LnJlbWljLmNhLyJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lezw4BEmlP08HY1526JC0X4JtQWNSYaYT0LTH1yuhlQ8NOL2924gLBWNhXIap8yzkqKspDMXJpHefkeF3D%2FVLl7GpBQP8AEAPUTa6KZXENsRMf5Y1WjQKWoPLXVe76jfOr88"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.remic.ca
accept-ranges
bytes
cf-ray
692d66832a38c277-FRA
vary
Accept-Encoding
content-length
0
x-request-id
bd73eee8cd5dcca3ee519ea4a5f0a723
/
www.facebook.com/tr/ Frame 753E 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.remic.ca
URL: https://www.remic.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.21.35 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-cdt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4991
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.remic.ca
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.remic.ca/
accept-encoding
gzip, deflate, br
cookie
fr=0ZN9Zc6wx4o77iYEd..BhS23m...1.0.BhS23m.
Upgrade-Insecure-Requests
1
Origin
https://www.remic.ca
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.remic.ca/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.remic.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Wed, 22 Sep 2021 17:54:47 GMT
web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
static.zdassets.com/web_widget/latest/ Frame DEA7 		337 B
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:54:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4066922
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
9AW2YY408XKP0231
x-amz-id-2
fGF32ljqWCA8gjtXkLN42kSJahmTO/DUTZOgF/jjvedL3OXevEaJ64pndhlimfkF8//j4AFGC30=
last-modified
Fri, 06 Aug 2021 01:28:06 GMT
server
cloudflare
etag
W/"200371227ff3b0fb85badb2d2faef3b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE5i8ZJBfglM525Lei8jUEW37GtTcV0aZ3ytybyg0%2B0fYCR44eJkPajSBGeRlB%2B%2Fdbz8nfJ5hALPVdCvJPKM%2BsghgACezitFJEQf0xjbEbyTxeQiULFH2lWdIgbDOCW9q%2BZkN78%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
AUc5ye9EUODlEErT0NHTaToq3MoNYX1U
cf-ray
692d668639a943b8-FRA
expires
Sat, 06 Aug 2022 01:28:05 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame DEA7 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 22 Sep 2021 17:54:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
R8QE2C3Q9BYCNRFW
x-amz-server-side-encryption
AES256
cf-ray
692d6686db5b43b8-FRA
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
274mrHVk6W078L0g+UsZ5sCtcgdUA+OcJ8JLyuhijlLCMJPnTS2UalksD+mI1crqcEfazQjeo18=
last-modified
Wed, 22 Sep 2021 07:37:57 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=de2JEYJjJKhfwJoxtUXaRE0aC6kNOntZ8RaZh6XFa%2BYpXcz5wjzo4VSiNKgGkwHVABOmP2yl1w9%2FbDSDdhNK9pe9Kq2KrImryyo31r2zB%2BaN10%2BVQNAa0fzKIE0qBsmKsjS02t4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
gAAsCBc4mD6Sfp_zgR_Ty07J8mdvzrAb
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
audio/mpeg; charset=utf-8
expires
Thu, 22 Sep 2022 07:37:56 GMT
log_event
www.youtube.com/youtubei/v1/ Frame A7DA 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/zQXXeoeuecw
X-YouTube-Client-Version
1.20210919.0.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtMN2dIUW16NGVlNCjm262KBg%3D%3D
X-YouTube-Ad-Signals
dt=1632333286482&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C481%2C300&vis=1&wgl=true&ca_type=image&bid=ANyPxKqQ3CweZkwD-OKw8q4YcDXU-nKByqZ9-Z4koBp53m-u3OcvyXZZDcnx3Qs9BiVPCMOSpHS8IHXfLOGWwg86ShyHgm-6CA

Response headers

date
Wed, 22 Sep 2021 17:54:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame A7DA 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 09:15:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15359
x-xss-protection
0
last-modified
Mon, 12 Jul 2021 15:09:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 23 Sep 2021 09:15:33 GMT

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| dataLayer object| Wpfcll function| wpfci string| GoogleAnalyticsObject function| ga object| watupro_i18n object| panelsStyles object| _dcq object| _dcs object| google_conversion_id object| google_custom_params object| google_remarketing_only object| _atrk_opts object| _mfq object| wpcf7 object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| qpprFrontData object| jetpackLazyImagesL10n object| jetpackSwiperLibraryPath object| jetpackCarouselStrings object| WatuPRO object| WatuPROSettings function| watuPRODetailsTableShow undefined| $ function| jQuery object| WatuPROIntel object| WatuPROPractice object| WatuPRODep object| WatuPROSort object| WatuPROPay object| WatuPROIDroppable object| WatuPROINMatrix function| fbq function| _fbq object| zEWebpackACJsonp function| zE function| zEmbed object| dt function| fbAsyncInit function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| _googWcmImpl string| _googWcmAk function| _googWcmGet string| _linkedin_partner_id object| _linkedin_data_partner_ids object| uetq function| showhide_toggle object| RESPONSIVEUI object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill undefined| animatedHeader object| $jscomp object| WPacTime function| _rplg_badge_init function| rplg_load_imgs function| rplg_next_reviews function| rplg_leave_review_window function| _rplg_lang function| _rplg_popup function| _rplg_init_timeago function| _rplg_init_blazy function| _rplg_read_more function| _rplg_init_slider function| _rplg_get_parent function| rplg_init_slider_theme function| rplg_init_grid_theme function| rplg_init_list_theme function| rplg_init_badge_theme function| rplg_init_temp_theme function| EventEmitter object| eventie function| cvp_imagesLoaded object| cvp_Modernizr function| cvp_Shuffle function| cvp_common object| cvsf_data function| cvp_js object| lazySizes object| classie object| salvattore function| imagesLoaded function| Waypoint object| skrollr function| WOW object| wp function| Blazy function| Rplgsw object| _stq object| _wpemojiSettings object| Base64 object| XD object| fastdom object| Wishpond function| CrossStorageClient object| google_tag_manager function| st_go function| linktracker_init object| wpcom object| gaplugins object| gaGlobal object| gaData object| $activeHeader object| rplg_blazy function| atrk boolean| _atrk_fired object| FB function| lintrk boolean| _already_called_lintrk boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow function| UET function| UET_init function| UET_push object| twemoji boolean| zEACLoaded function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| google_wcc_status object| _dcfg object| intlTelInputGlobals object| _dc undefined| Drip_416974354 object| originalsizes object| FingerprintJS object| TimeMe string| serialisedGetParams function| $zopim

25 Cookies

Domain/Path Name / Value
remic.ca/ Name: PHPSESSID
Value: toi0c6m8v1urc2fb5ngt0m5uqn
.bing.com/ Name: MUID
Value: 31945C848FB2666E20274C3E8EF067E2
.remic.ca/ Name: _gcl_au
Value: 1.1.302808278.1632333286
.youtube.com/ Name: YSC
Value: Pl4C_qCMo3w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: L7gHQmz4ee4
.remic.ca/ Name: _ga
Value: GA1.2.524686524.1632333286
.remic.ca/ Name: _gid
Value: GA1.2.1826604237.1632333286
.remic.ca/ Name: _gat
Value: 1
.remic.ca/ Name: __asc
Value: 20bd9ea917c0ea54b3e6c1ffd89
.remic.ca/ Name: __auc
Value: 20bd9ea917c0ea54b3e6c1ffd89
.remic.ca/ Name: _uetsid
Value: 2c578f201bce11ecb21fad08a2c117c5
.remic.ca/ Name: _uetvid
Value: 2c57a3d01bce11ecaca0dd39f92cdf43
.facebook.com/ Name: fr
Value: 0ZN9Zc6wx4o77iYEd..BhS23m...1.0.BhS23m.
.doubleclick.net/ Name: IDE
Value: AHWqTUmWJA4h7CsVABFLPjv7W91gAF6S9hXAqQHhvkldD4l3K-7s2VvdxjiR2lK-
.remic.ca/ Name: _fbp
Value: fb.1.1632333286588.1066700677
.linkedin.com/ Name: UserMatchHistory
Value: AQJHuQ1Vype90gAAAXwOpUykiyxe1uCRHmWliYX1JdHmFExx2hYz69WKFreHDqLRTdSJ1e1zVb6Erw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJK1UZ0FVeg2gAAAXwOpUyk9P1ZgIbbbP1e3gAGhQmH8OojH3MqMGJrKIAq4SOSvOHUffhtiZ5gexs3FfP5Ag
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&37a1d0e0-9c54-48ac-820d-db5b61f1e155"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2079:u=1:x=1:i=1632333286:t=1632419686:v=2:sig=AQGZ-CH8ECbiqf_e4jMgjRpeVvYvi6xZ"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20210922175446da04c937-9b55-428f-84e7-6b9e7974b870AQEqNKAdo24och2TPolYFjLIaOiJP3xl"
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: ImNY5LRJMLQz6bJNo+BRemcIegcw5F1wBsz2IZ0Acv1Nn4MlSB352SzyHenjeSh7ZNAJI7hezL6xVnne4wxjPxlVITXAQysU0pT0K2WKxMkPnhisZf88gYKwnVat
.remic.ca/ Name: _drip_client_1186497
Value: vid%253Def2c1f1c26144f25b0a4dc7407c3312a%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1632333286991%2526weeklySessionCount%253D1%2526lastSessionAt%253D1632333286991
.remic.ca/ Name: __zlcmid
Value: 16CkLoU8CM4j6nw

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.remic.ca/
Message:
The resource https://www.remic.ca/wp-content/themes/inbound/fonts/fontawesome-webfont.woff2?v=4.7.0 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getdrip.com
bat.bing.com
bid.g.doubleclick.net
cdn.mouseflow.com
cdn.wishpond.net
certify.alexametrics.com
connect.facebook.net
d14jnfavjicsbe.cloudfront.net
d31qbv1cthcecs.cloudfront.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
i2.wp.com
monitor.campaignprotection.com
pixel.wp.com
px.ads.linkedin.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
remic.ca
remic.zendesk.com
snap.licdn.com
static.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
stats.wp.com
tag.getdrip.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.remic.ca
www.wishpond.com
www.youtube.com
yt3.ggpht.com
104.16.53.111
104.18.70.113
108.174.11.69
13.107.21.200
13.107.42.14
13.224.193.10
13.224.193.5
13.224.193.62
13.225.78.57
13.225.78.76
13.225.84.24
142.250.181.227
142.250.181.228
142.250.184.214
142.250.184.234
142.250.186.130
142.250.186.35
142.250.186.38
142.250.186.72
142.250.186.78
146.20.201.190
157.240.21.35
172.217.16.142
172.217.18.97
192.0.76.3
192.0.77.2
2.18.234.132
23.111.9.38
3.130.37.248
31.13.92.14
45.33.56.168
54.146.192.246
74.125.71.154
0394ebd94c0f0249276090cde3aa97df71cc5f4756cc9169b7315baf9202fb2e
04eb3e5664578ad2db355c631fc108d165a4219efe2fdd27388255ae7580b69a
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
0b3746840e769a5c0f67524fa1cefb815dde1c9527970018fb4451917e556f6b
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f94bef064dfd682652a2127f0311c19395f9302037eeb85855bf1d6cb13664a
0fc36e408509d470de842bff3481eed0233c8b7f7ac7146131c9204ea80e736c
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116cbe01057550fa11ff262230814ebd1008adc61762945892f047c07c37ae58
14ad55b0198a37c887ea0f3b574916279e41be98137ededca8e91c39a3e281e1
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
1cf8f82ea1fee9bb2e05066d1287ac05b0d657f72eff947ba9272fa1c3322749
22042fdc7f4bed0bf98d21408f0fd136f14ac16532f07c0af1ace75e3f51c85f
2527b9c7c260faf84f105531488710bd08812666b7f03424562ed0f83ebf4c7d
29845c603b8e8a7e28eeb6fef78c67a486901af473f8b3e520203385a771130c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32b810a8da5a32344eb59a3360c521ca35accc474db4b89e9418fcb34298bffa
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
4d1d02d4e169aa8314e5198ca89d17b36e1cb025fd3b6489e5d7cff0291cf7d6
5097bc4bb7c7805e8715a00dde2691d98c427122cfe6ba32c9ba6224337c9d3c
5bdd18bc55ad2e5fb86d82204169218964925cb3dfe30791fa517364db2795c8
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
645fdb120bfb83d9ef8c12397a4aa4a3b4d69f700b8a0dd6d88d17b6cf44c4fa
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
7e6aff72d5da0ebca552218f38b93f68fb39f3a93fd0f4211ebae82ea65fbd30
85c8dd02d290c8af679e234cd37eb21ffcd5b2cdd88f649ec727aa7bbc955741
896b5cd7f161ee1b411c2d6e1eba1a4a169b8392310f0b2513e0c0365f5582e8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8def7f14fd6890d3dab7a296f963d5bf9dfe362f507e0a31f1ad034f5a08ba9a
8f83a90c321c546cacbf2c341962cb4f9ee1f21d6592926e81900554733f5572
96d1cd4d430e5cef6f3e30e994df78ab3b937295b5bc69900a3f05e73424fb9e
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9dd7262de6976d2a1cd7286f9b4db4c57a61b3e66435e16577309a815b944c1e
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a8cc8041caa423e83f8a21a3ada846454d2a332f9df51c83691b90bc14363d85
aa13b1c709e1d61579f518c6a6945f6b050554146c324704109190952cd1781e
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
ae8fb628dfb9e6a4d1107de3803e158ab0165653dd4c3f99ed50e06222d39350
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0890e8ce9f7e414b551f9bc114c980fdff7e07fba5b0460e2c20c1ec55ab07d
b43f930091a523037570fc01859bf601aac31008b755c951eab5a4735bd379a1
b75425fe364ca2bc8af11e76e45d33cdc43d086240b2e574fd08a458a07b5beb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
c322a7503a4e53b8b3ede9c57b7f4a4d8b76d09ccbff2d653672d1860a2c7c26
c395d504fb7a48bf0331277cfbd02463fe12e2a299c03c58957be2cccbe53540
c4379576db6173e3fe41fd24fb7882431f241cf2929a8dfdeceaaf3a6596b0b1
cbed663a194714f5d1e74148eb508e33689f5ba894c225e78b7466d5c3c3320d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce84019b653e1ad1664c5a85b1d0263a4e4e9223d5070f3a60c65e363406719a
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
db2f722abff07c6f5446353d7e1a19db288627981d3c929958a94d47b07a2dcb
dc854ea3dca6d49f7bc06a5c62dc0afa7f601e709bd98bc8dc7a5c9e044c3f47
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bfebd6de366c657e2c35d0d1f0fa45e272b0edb0075b5484d329a612d17d12
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5af286b5f889344e31da3bf4e2f28e74d522a8a99254fe398ff235d6594cc33
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df