www.onlinecorrection.com Open in urlscan Pro
51.222.41.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://onlinecorrection.com/
Effective URL:
https://www.onlinecorrection.com/
Submission Tags: tranco_l324
Submission: On March 21 via api (March 21st 2024, 9:38:52 am UTC) from DE — Scanned from CA

Summary HTTP 85 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 85 HTTP transactions. The main IP is 51.222.41.187, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is www.onlinecorrection.com.
TLS certificate: Issued by R3 on February 23rd 2024. Valid for: 3 months.

This is the only time www.onlinecorrection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	51.222.41.187 51.222.41.187	16276 (OVH) (OVH)
20	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
4 11	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
13	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
3	142.250.80.35 142.250.80.35	15169 (GOOGLE) (GOOGLE)
1	142.250.80.74 142.250.80.74	15169 (GOOGLE) (GOOGLE)
11	142.251.32.97 142.251.32.97	15169 (GOOGLE) (GOOGLE)
2	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
1	142.250.81.230 142.250.81.230	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
2	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1 2	142.250.176.196 142.250.176.196	15169 (GOOGLE) (GOOGLE)
85	15

21 51.222.41.187 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns5002619.ip-51-222-41.net

onlinecorrection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.onlinecorrection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.80.34 (Plainview, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.35 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.32.97 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.38 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.161.208 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	579 KB
21	onlinecorrection.com 1 redirects onlinecorrection.com www.onlinecorrection.com	69 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 5	74 KB
13	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 ad.doubleclick.net — Cisco Umbrella Rank: 189 cm.g.doubleclick.net — Cisco Umbrella Rank: 353	93 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1179	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 371	4 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	58 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 413	74 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
85	10

	Domain	Requested by
20	pagead2.googlesyndication.com	www.onlinecorrection.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	www.onlinecorrection.com	www.onlinecorrection.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net www.onlinecorrection.com tpc.googlesyndication.com pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.onlinecorrection.com googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googleadservices.com	www.onlinecorrection.com
2	ad.doubleclick.net	www.onlinecorrection.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	onlinecorrection.com	1 redirects
85	16

This site contains links to these domains. Also see Links.

Domain
www.germancorrector.com
www.frenchcorrector.com
www.spanishcorrector.com
www.portuguesecorrector.com
www.polishcorrector.com
www.italiancorrector.com
www.russiancorrector.com
www.onlinecorrectie.nl
www.ukrainiancorrection.com
www.arabiccorrection.com
www.esperantokorekto.com
www.chinesecorrection.com

Subject Issuer	Validity	Valid
www.onlinecorrection.com R3	`2024-02-23` - `2024-05-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.onlinecorrection.com/
Frame ID: 24F64F8DC3BA96DE5E54772564EF5BFE
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&adk=1812271804&adf=3025194257&lmt=1711013928&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711013928167&bpp=4&bdt=265&idt=335&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=269797079371&frm=20&pv=2&ga_vid=1778905678.1711013929&ga_sid=1711013929&ga_hid=1140526404&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081904%2C31081905%2C44798934%2C95325976%2C95321868&oid=2&pvsid=1697495734980048&tmod=269339214&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=369
Frame ID: 0C86B5C97E095803145AEA3DECB9783C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1711013928&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711013928171&bpp=2&bdt=269&idt=376&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=269797079371&frm=20&pv=1&ga_vid=1778905678.1711013929&ga_sid=1711013929&ga_hid=1140526404&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081904%2C31081905%2C44798934%2C95325976%2C95321868&oid=2&pvsid=1697495734980048&tmod=269339214&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=384
Frame ID: 7033B7AF753A6C9C2576EC29709AB1AB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: FFECDF44B66384685E1DC63042547F36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO74dsCEN-30fwCGK2NnIoCMAE&v=APEucNUPbIuncM4_9M-VVRVIhX2faQqn3vJGCefls9x6cGPiCHV0NPHUzy62yTA_6Ii8JMLrj6UF5GtpTG1PdIco5UuqURu_YA
Frame ID: 3C9D77B004F96CCF822D4E4C93062ADD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js
Frame ID: 6E0EDC7ECD06B78EC2D526A04A37CCAC
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CCF5A165092D3A8C4B3D94BD34D55BDC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9C5EFE6D0AC42A9C7EB51D7C0960C3C1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js
Frame ID: EE868D30EE4060D047AFD901A917E08B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A70103667DCC7640CBD572C16EB86B0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2F69AE2F713B963D5646D5283FC6626
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Text Correction

Page URL History Show full URLs

http://onlinecorrection.com/ HTTP 301
https://www.onlinecorrection.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

94 %
HTTPS

0 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

950 kB
Transfer

2490 kB
Size

13
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.germancorrector.com/
Title: GermanCorrector.com

Search URL Search Domain Scan URL

URL: https://www.frenchcorrector.com/
Title: FrenchCorrector.com

Search URL Search Domain Scan URL

URL: https://www.spanishcorrector.com/
Title: SpanishCorrector.com

Search URL Search Domain Scan URL

URL: https://www.portuguesecorrector.com/
Title: PortugueseCorrector.com

Search URL Search Domain Scan URL

URL: https://www.polishcorrector.com/
Title: PolishCorrector.com

Search URL Search Domain Scan URL

URL: https://www.italiancorrector.com/
Title: ItalianCorrector.com

Search URL Search Domain Scan URL

URL: https://www.russiancorrector.com/
Title: RussianCorrector.com

Search URL Search Domain Scan URL

URL: https://www.onlinecorrectie.nl/
Title: OnlineCorrectie.nl

Search URL Search Domain Scan URL

URL: https://www.ukrainiancorrection.com/
Title: UkrainianCorrection.com

Search URL Search Domain Scan URL

URL: https://www.arabiccorrection.com/
Title: ArabicCorrection.com

Search URL Search Domain Scan URL

URL: https://www.esperantokorekto.com/
Title: EsperantoKorekto.com

Search URL Search Domain Scan URL

URL: https://www.chinesecorrection.com/
Title: ChineseCorrection.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://onlinecorrection.com/ HTTP 301
https://www.onlinecorrection.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKls6e7TpqTz2-R-fj9dXE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKls6e7TpqTz2-R-fj9dXE&google_cver=1&C=1

Request Chain 50

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfwAKkt3udUAADVAANgJfQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJQoGrH05HfHz2H4HcU5po&google_cver=1

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGOhejEB_O4hsjXZ17GMLKI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGOhejEB_O4hsjXZ17GMLKI%26google_cver%3D1

Request Chain 52

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDg0Nzc5ODA0ODc5MDgyNA%3D%3D

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz1vNKAD8ZYWZJ5iao9kPh5udsAH4_ePUdfK-i-azEWQQASDlsucKYP2gmYHoA6ABjcn80wHIAQGoAwHIA8sEqgT3AU_QBZdqUp6NYAu360EOiL8IjTV7UGFnHT9WUA917uiWASKx0Ka2PbCdYfGE4LKfv4kpwhRSk_zlqtuyhg5mILgq4mOKU2aTVclpPfn-fRiT9bOj70KPWKeXeC27NejLCCFJcGxLicMwpoWlnIsvlF1EkbbAGXyhWgtOLyBb3I9UywHT1ROasLHj1t_6rhPAL-4V_l7shDkPV5fd0q54t_3xNYEQNFTMbJpic7fsuRQXlPyKW9P3ILYpCOg_M6C7OqLq1mSrj6MI3Yhgx_lVmrjxKlkn6daPz-fTFBK6jolcXGCbCt0pMY5TOf05rDv-YY_vfSlU6E7ABOX_mM-1BIgFoLOrlk2SBQQIBBgBkgUECAUYBIAH27aDrAKoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAfIHBBCqwSjSCCQIgGEQARhfMgKKAjoJgECAwICAgKAoSL39wTpY_o-wy4eFhQOaCRhodHRwczovL3VzZXdvcmtzaG9wLmNvbS-ACgHICwHaDBAKChDQ_7yBmOuX82gSAgED2BMNiBQB0BUBgBcBshccChoIABIUcHViLTE4NzczNjcyMjY5Mjk5MTcYALIYBBICsV_oGAE&sigh=sfVFO5Goyeo&uach_m=%5BUACH%5D&ase=2&cid=CAQSGwB7FLtqhSiMf_-Ub43Ac5WMcNP8Z5lOt3NzRhgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc856e2b4575ce99f0000000000000000%22,%222%22:%220xb574c2cdf01593650000000000000000%22,%223%22:%220xdfef34389e7565290000000000000000%22,%224%22:%220x841118c3f53ede880000000000000000%22,%225%22:%220x3d2002564ac8e9660000000000000000%22},%22debug_key%22:%2214938625245860274699%22,%22debug_reporting%22:true,%22destination%22:%22https://useworkshop.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444540045%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225483423559871742929%22}&andc=true

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

85 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.onlinecorrection.com/
Redirect Chain

http://onlinecorrection.com/
https://www.onlinecorrection.com/

64 KB
16 KB

294ms
44ms

Document
text/html

51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinecorrection.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5002619.ip-51-222-41.net

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

ad0ecefbe30d710db704935129559a0412d4bb882328bcdd481ecde3c49b94e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 15975
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Mar 2024 09:38:47 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 327
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 21 Mar 2024 09:38:47 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.onlinecorrection.com/
Server: Apache/2.4.41 (Ubuntu)

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 161ms
100ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1877367226929917

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9f2c29759a849e81e121e9890b289a5e1a617689d2f0be9bb30866ce992acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Origin: https://www.onlinecorrection.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51276
x-xss-protection: 0
server: cafe
etag: 4406511394707480433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 09:38:48 GMT

GET
H/1.1 200
OK jquery-3.6.0.slim.min.js Show response
www.onlinecorrection.com/res/ 71 KB
24 KB 33ms
33ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/jquery-3.6.0.slim.min.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "11ab4-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24640

GET
H/1.1 200
OK cookies.min.js Show response
www.onlinecorrection.com/res/ 3 KB
1 KB 71ms
30ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/cookies.min.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ab83788139956dd9661b85613bd42b7f43c67908008e021866fd658fece6f4e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a1c-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1125

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
www.onlinecorrection.com/res/ 17 KB
5 KB 91ms
30ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/jquery.tooltipster.min.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4473-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4850

GET
H/1.1 200
OK errormarks.js Show response
www.onlinecorrection.com/res/ 6 KB
2 KB 93ms
31ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/errormarks.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: edbfa34373e25f671ce65739c3249ff1056ee237f0dbcd73723a2d49f35177ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "17e3-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1864

GET
H/1.1 200
OK logo.png
www.onlinecorrection.com/res/ 800 B
1 KB 31ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/logo.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b30c03afa602a2e20bc074893f068f8495df07cf9475e1050b94b29e9bcf76fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "320-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 800

GET
H/1.1 200
OK handmadepaper.png
www.onlinecorrection.com/res/ 6 KB
7 KB 31ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/handmadepaper.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a0e5f8d7a3115b0436ef2935f35fe84696de090d5f88ed5def3df772845e1e30

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1962-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6498

GET
H/1.1 200
OK en.png
www.onlinecorrection.com/res/flags/ 599 B
924 B 32ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/en.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "257-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 599

GET
H/1.1 200
OK de.png
www.onlinecorrection.com/res/flags/ 545 B
871 B 33ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/de.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "221-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 545

GET
H/1.1 200
OK fr.png
www.onlinecorrection.com/res/flags/ 545 B
870 B 56ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/fr.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "221-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 545

GET
H/1.1 200
OK es.png
www.onlinecorrection.com/res/flags/ 469 B
794 B 62ms
33ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/es.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1d5-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 469

GET
H/1.1 200
OK pt.png
www.onlinecorrection.com/res/flags/ 554 B
879 B 94ms
46ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/pt.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ba636f1cb6bfd323dac1fb079cd002b5d486ed5eff54f4c4744b81316b257e96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "22a-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 554

GET
H/1.1 200
OK pl.png
www.onlinecorrection.com/res/flags/ 374 B
699 B 96ms
33ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/pl.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "176-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 374

GET
H/1.1 200
OK it.png
www.onlinecorrection.com/res/flags/ 420 B
745 B 69ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/it.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1a4-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 420

GET
H/1.1 200
OK ru.png
www.onlinecorrection.com/res/flags/ 420 B
746 B 63ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/ru.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1a4-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 420

GET
H/1.1 200
OK nl.png
www.onlinecorrection.com/res/flags/ 453 B
778 B 73ms
33ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/nl.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1546928846ee0a8377fd30865d4c43cef501eba7d775d494b98d1ce699627a4a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1c5-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 453

GET
H/1.1 200
OK uk.png
www.onlinecorrection.com/res/flags/ 446 B
771 B 39ms
37ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/uk.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9ae2f204178855c4fdb29ce75a0a1b2588fc3db3a7084d29715876bacd293508

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1be-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 446

GET
H/1.1 200
OK ar.png
www.onlinecorrection.com/res/flags/ 184 B
509 B 63ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/ar.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6b5601da7eb294ca1f03d3a2fc24137ed78a8db76197b7316fc2ad426a22c49a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "b8-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 184

GET
H/1.1 200
OK eo.png
www.onlinecorrection.com/res/flags/ 2 KB
3 KB 59ms
32ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/eo.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a1529984461958356645c91d7c1c9989c85dd497162f7753ebedb7463a27062e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "951-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2385

GET
H/1.1 200
OK cn.png
www.onlinecorrection.com/res/flags/ 472 B
797 B 33ms
31ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/cn.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7058233b5bdfdd4279e92e9dfe64bd4a61afd7e76d97dba498ce1d5777b92185

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 09:38:48 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1d8-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 472

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 168ms
115ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1877367226929917

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

bb5d42f531abd1bece2e463b2bad5cdd5fd40161fbdad4642eed346a655b69a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141448
x-xss-protection: 0
server: cafe
etag: 15665529687123101993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 09:38:48 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C86 117 KB
46 KB 1255ms
1189ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&adk=1812271804&adf=3025194257&lmt=1711013928&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711013928167&bpp=4&bdt=265&idt=335&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=269797079371&frm=20&pv=2&ga_vid=1778905678.1711013929&ga_sid=1711013929&ga_hid=1140526404&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081904%2C31081905%2C44798934%2C95325976%2C95321868&oid=2&pvsid=1697495734980048&tmod=269339214&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=369

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

b89df24ef0e6a3a259eb02cd8521f2cf0c9965c72f87de8ba3af4c800d7b8614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 09:38:49 GMT
expires: Thu, 21 Mar 2024 09:38:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7033 123 KB
42 KB 1502ms
1453ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1711013928&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711013928171&bpp=2&bdt=269&idt=376&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=269797079371&frm=20&pv=1&ga_vid=1778905678.1711013929&ga_sid=1711013929&ga_hid=1140526404&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081904%2C31081905%2C44798934%2C95325976%2C95321868&oid=2&pvsid=1697495734980048&tmod=269339214&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=384

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e1018a3b5550dceaae6872bad9fc50576b8903de510b4b708935055a552b1f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42442
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 09:38:50 GMT
expires: Thu, 21 Mar 2024 09:38:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 99ms
99ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

93c346121ad97072a3367fbdf05f4c9c8f34d907146ffeeeb3fad9c6da277c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57727
x-xss-protection: 0
server: cafe
etag: 2352053277643620363
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 09:38:49 GMT

GET
H2 200 ca-pub-1877367226929917 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 136ms
64ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1877367226929917?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

8c64b761179156f9791c5356f0e33008bc89a4a0b1db9f579472a61a783f6785

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IBt_M1coaKDlGw1sZexGNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-IBt_M1coaKDlGw1sZexGNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLjt5jnWGUB8csF51otALMTDsbLhw3o2gYZZW44wAwDcNzED"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 91 KB
32 KB 97ms
97ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1877367226929917

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

9a81ade7688e459641622a044c907f8fa19520b18708f2fd9ced2ee1cc67fd74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32340
x-xss-protection: 0
server: cafe
etag: 559243749204593453
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 09:38:49 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame FFEC 9 KB
4 KB 28ms
27ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 37537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:13:13 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVjPyx3qQOu1O69hUiFSh6RvFYr36i3iEUUtXuUhahg0A85fnCZ0GTrpS-zE7I4pNlcWauq7aBvJu8vx66puTq136wbmhlkWSTwNeV7eRxhzGGMsBaxo5KQPGUcSKMkp4iqhyUYLQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 64ms
63ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVjPyx3qQOu1O69hUiFSh6RvFYr36i3iEUUtXuUhahg0A85fnCZ0GTrpS-zE7I4pNlcWauq7aBvJu8vx66puTq136wbmhlkWSTwNeV7eRxhzGGMsBaxo5KQPGUcSKMkp4iqhyUYLQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDEzOTMwLDUzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5vbmxpbmVjb3JyZWN0aW9uLmNvbS8iLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/am=wA/d=1/rs=AJlcJMxBmE6Wco2YVd9vGWk608DN5GI2uQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

581ee83bd80ac448f41b8b0acc1d287fee009474181d132ea79a7d170249cc40

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XgROlHmKoZ9ulj7g4sdnzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XgROlHmKoZ9ulj7g4sdnzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLjt5jnWGUB8csF51otALMTNsarhw3o2gQV3O_QAr4Ywqg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 84d2527241fb8c00ce4670060c5f1154.js Show response
www.gstatic.com/mysidia/ Frame 7033 9 KB
4 KB 123ms
28ms Script
text/javascript 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1711013928&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711013928171&bpp=2&bdt=269&idt=376&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=269797079371&frm=20&pv=1&ga_vid=1778905678.1711013929&ga_sid=1711013929&ga_hid=1140526404&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081904%2C31081905%2C44798934%2C95325976%2C95321868&oid=2&pvsid=1697495734980048&tmod=269339214&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4075
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 20:34:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:53:44 GMT

GET
H2 200 86afce54da96dfe352c11602b6998f11.js Show response
www.gstatic.com/mysidia/ Frame 7033 11 KB
5 KB 121ms
26ms Script
text/javascript 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/86afce54da96dfe352c11602b6998f11.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

a5e523e9fc2e53beabb15afb270ddae636243a27520b4263cb568750e31d9cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 21:08:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7033 14 KB
2 KB 141ms
47ms Stylesheet
text/css 142.250.80.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f10.1e100.net

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 09:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 08:40:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 09:38:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7033 2 KB
903 B 31ms
29ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:56:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 7033 23 KB
9 KB 30ms
28ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:27:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7033 3 KB
1 KB 28ms
25ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:27:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7033 20 KB
9 KB 121ms
27ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 18:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 18:53:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7033 206 KB
62 KB 27ms
27ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:35:24 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 7033 36 KB
15 KB 28ms
26ms Script
text/javascript 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:52:46 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 103ms
103ms Fetch
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1877367226929917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3C9D 624 B
246 B 92ms
91ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO74dsCEN-30fwCGK2NnIoCMAE&v=APEucNUPbIuncM4_9M-VVRVIhX2faQqn3vJGCefls9x6cGPiCHV0NPHUzy62yTA_6Ii8JMLrj6UF5GtpTG1PdIco5UuqURu_YA

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 09:38:50 GMT
expires: Thu, 21 Mar 2024 09:38:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 6E0E 23 KB
9 KB 28ms
28ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:31:25 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 6E0E 8 KB
3 KB 29ms
28ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:47:20 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6E0E 0
0 183ms
97ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss8CexzxDm6ohzujfEy_p0SnLfq_wiTbZVIi79lqw028V9k8z7X15qyKI0AoSKY2Snc2Qn3o4uPxjWZY8bcex36uFyP_XxuewrN4lDbdoCKNvGDF4brxIA-fueKx5ZgCOF7pDZVpN7-FmbXcx2ENzpaGcl0PtsvPbo2WI8yniUd25-1lc31hAbx1STJiAIuIBwUORBypnHXf-6zjY00u0mXIs0mR6O4NYpOI2bk-NO3hj0w4tFoNp0C2CwmNQ7na43xuSqQ5JiedASrBmeX8C6nkg0rTo7bAvjZNlFtHeVoBx83Wm6lxsuuQHk9fueQfgWWBULFTv6uupQNcXaTCTWA60A52SSza0u-xMU4PGLoSGZ2qC57l3ox4M3-Ud8ZHfxhdltIKJE_OQJJLEmy5YkL9shecq0RgzrbvbN4MuzXyB3N1Mf6DgJmiNmiKVD4QSea6HxaUQtC3OnQy3VylWBvosb4EPwxycSkNqlWra5u5FsHdFIzX9wxQKG04WGmTkhd0uFkUnumpi2xw1b0ULeVjml1CZfihDa-pthdlHLV96Q6h9lj_TC2MRUzDwWW0fdWmkj2TFxUsL1mIk_7JgxNemEWzbRbfrmjEQnNmR5volGxRSW_tJCEZAYya63ASjncayOV4YEnoYOE7odApH09Cn9EZxuvSadPnim91gKeKpM1VpTIUKqYocioh3wmEq_31GgP9Uvssk8gKd2LyzrcEujxy_x5GCrBVXSH6CL3myTGDjdqug-4MJB_YzbFSUo8OTgX7N1_gr-llYqx9rhMWqXmLyEWlfuSAeewdijQ_1qUuFEu8XW2Z33HR51EcumY_R1InJnHrn2SC-w8A-ySOUq1EEDZk1YNBAux2H-I-I6deb1kIMUYEhWcVZcTkEX7enfKY9VqSYRw9e1cdOKVaCZ_NLpyyVpu1Yv-fNMo94cIrg9I4CqKkeM8NKFVWVuw6qtlrNoRw5tkrr9WFtxcshQRgM470ccOOefwOe2wyPnlGAQLcSF-vmGb-6knz3h-yDHHD23L_l0hWX16Q-cPrOc4qqPJlqbxcOd-HX5hPQEYPT61IDl84cXmEtBgqBZAbsPJpR8Dr-yD4wXX4Kwc3Q2mncrq_wta83Bxgk-bTSbTWX7xygX8sE-iOamBGS_gDEY56cY66du-f_zBrjijNyE5wIewDeskkJWfONKuImDt0rynzARLYqT6qoONzsRL7BuJNZ4uvnpX3hBdvyCjnr32ugNP6Z6SEk-lPc_iUzgtpHgL32rxClyH3AilfPdITmhnTvU1Es_aec46mbi5XXrWU9dv0zacUwLuwxQAf9VuV_7q-rbAyKeLS05DmLSl7PxG24AyXTCBDQHPpZb-MvrbftWP0cJ-qA1xAsw&sai=AMfl-YQkQfZVOoaq_mlpt9LUbHohjaMPhEZtOy-8zSK2_HdiOc3XXUoDLoKuKJg1U5XyAz4H_538R_quU-xOUFCw8yN5aJIY-mK7wa5oR5Xgu86sn9u6Te7JxlKVGD2poBZ96JefgwyHfx7EXpGXtzfegc5suWONzyw-SQJmCciPWGOrPE6b6E1uQKP3-IcErCR3XmRVGyTvoJYXEOKJcL_HW7zNxw9xBfAPrG2R-SZSgYNkhKQNGRFB3w8glxJiCZPaJZn7u20f&sig=Cg0ArKJSzKHoLeT_2JxxEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly96YWJpaGFoYWxhbC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240319.73385&arae=0&ftch=1&adurl=

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 09:38:50 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Mar 2024 09:38:50 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E0E 41 KB
14 KB 74ms
39ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:53:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 6E0E 3 KB
1 KB 70ms
35ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:27:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 6E0E 20 KB
8 KB 65ms
31ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 18:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 18:53:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6E0E 206 KB
62 KB 32ms
31ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:35:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0E 42 B
63 B 86ms
86ms Image
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CTGax9xqIgBKa8MaCYuOyjZy9ABpoUmpEaCRnDysf1V67YYLfBrkf_utqVf9hqlDXR_kATKgDVRIZGKJphzKUVweDJhBxXaQFZ65rLSyiVuN6FyBs

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14269581617088233960
s0.2mdn.net/simgad/ Frame 6E0E 73 KB
74 KB 91ms
26ms Image
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14269581617088233960

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

sffe /

Resource Hash

567c616224a7410c7f37747815bb18599eded2edf692cbe0b888e64f192ccbe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:28:37 GMT
date: Wed, 20 Mar 2024 08:28:37 GMT
x-content-type-options: nosniff
age: 90613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75210
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 18:33:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 6E0E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a0a3ecb39f382ab5dc04c8936ab0c4fca0442f4341637f464456da160d1d8ae

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3C9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKls6e7TpqTz2-R-fj9dXE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKls6e7TpqTz2-R-fj9dXE&google_cver=1&C=1

43 B
342 B

37ms
37ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKls6e7TpqTz2-R-fj9dXE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO74dsCEN-30fwCGK2NnIoCMAE&v=APEucNUPbIuncM4_9M-VVRVIhX2faQqn3vJGCefls9x6cGPiCHV0NPHUzy62yTA_6Ii8JMLrj6UF5GtpTG1PdIco5UuqURu_YA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inFVZWGJxzjZ3XqDayrCDOOkRjeHbSOx3Q10IOP7YVNc%2B3YUSf01hBgjZsCr39nUhvk9IXIHqJ%2BLsbywtLB7UA2oXnb%2F45FSVfXkmFdrVt786%2BoaXb8%2FsM7ivgTUG6P5Kc5j87gITg1t%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867cf8a8b9b239f2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gc4iuIuHGQzgjBUCtv29TZND94DAMdKfDD654X4qyvVTuhNnrcFrsfv4WdkNGAtrYgXAq2WDSjWZG3LnWpfjH4yMaAn%2BtB4xqxdliSQ9ip7ez1i7tL0j6pknxDqMiE5cMdOD9Q2ZVPo87w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESENKls6e7TpqTz2-R-fj9dXE&google_cver=1&C=1
cache-control: no-cache
cf-ray: 867cf8a8896b39f2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3C9D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfwAKkt3udUAADVAANgJfQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJQoGrH05HfHz2H4HcU5po&google_cver=1

43 B
330 B

38ms
37ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJQoGrH05HfHz2H4HcU5po&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO74dsCEN-30fwCGK2NnIoCMAE&v=APEucNUPbIuncM4_9M-VVRVIhX2faQqn3vJGCefls9x6cGPiCHV0NPHUzy62yTA_6Ii8JMLrj6UF5GtpTG1PdIco5UuqURu_YA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tyqk83a%2BVWg%2B2ZjNC%2BKTBkVfTgKPaxsG2UjINTjoC1Pcb7LvUf1QUTWIbh8z6Mwx8dz2%2By0V2HU%2FsfRNrJDmwMKCLrAKIQyAHLItBH8KEu3r3MYhNAmZfYH2fJ2qHNFk1Er8sXjI7Kn4Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867cf8a929f239f2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJQoGrH05HfHz2H4HcU5po&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 3C9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGOhejEB_O4hsjXZ17GMLKI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGOhejEB_O4hsjXZ17GMLKI%26google_cver%3D1

43 B
1 KB

74ms
74ms

Image
image/gif

68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGOhejEB_O4hsjXZ17GMLKI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO74dsCEN-30fwCGK2NnIoCMAE&v=APEucNUPbIuncM4_9M-VVRVIhX2faQqn3vJGCefls9x6cGPiCHV0NPHUzy62yTA_6Ii8JMLrj6UF5GtpTG1PdIco5UuqURu_YA

Protocol

Server

68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
an-x-request-uuid: 7e56a944-fc2c-4425-8f6f-edca75bf82f4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 154.47.17.53; 154.47.17.53; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
an-x-request-uuid: bb9a9806-d264-4ee6-bac4-b35d2bb8ac7c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGOhejEB_O4hsjXZ17GMLKI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 154.47.17.53; 154.47.17.53; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C9D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDg0Nzc5ODA0ODc5MDgyNA%3D%3D

170 B
188 B

65ms
65ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDg0Nzc5ODA0ODc5MDgyNA%3D%3D

Requested by

Protocol

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:50 GMT
an-x-request-uuid: 01c1dade-7b6a-4991-b674-c4a9117411a9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDg0Nzc5ODA0ODc5MDgyNA%3D%3D
x-proxy-origin: 154.47.17.53; 154.47.17.53; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6E0E 0
0 90ms
89ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss8CexzxDm6ohzujfEy_p0SnLfq_wiTbZVIi79lqw028V9k8z7X15qyKI0AoSKY2Snc2Qn3o4uPxjWZY8bcex36uFyP_XxuewrN4lDbdoCKNvGDF4brxIA-fueKx5ZgCOF7pDZVpN7-FmbXcx2ENzpaGcl0PtsvPbo2WI8yniUd25-1lc31hAbx1STJiAIuIBwUORBypnHXf-6zjY00u0mXIs0mR6O4NYpOI2bk-NO3hj0w4tFoNp0C2CwmNQ7na43xuSqQ5JiedASrBmeX8C6nkg0rTo7bAvjZNlFtHeVoBx83Wm6lxsuuQHk9fueQfgWWBULFTv6uupQNcXaTCTWA60A52SSza0u-xMU4PGLoSGZ2qC57l3ox4M3-Ud8ZHfxhdltIKJE_OQJJLEmy5YkL9shecq0RgzrbvbN4MuzXyB3N1Mf6DgJmiNmiKVD4QSea6HxaUQtC3OnQy3VylWBvosb4EPwxycSkNqlWra5u5FsHdFIzX9wxQKG04WGmTkhd0uFkUnumpi2xw1b0ULeVjml1CZfihDa-pthdlHLV96Q6h9lj_TC2MRUzDwWW0fdWmkj2TFxUsL1mIk_7JgxNemEWzbRbfrmjEQnNmR5volGxRSW_tJCEZAYya63ASjncayOV4YEnoYOE7odApH09Cn9EZxuvSadPnim91gKeKpM1VpTIUKqYocioh3wmEq_31GgP9Uvssk8gKd2LyzrcEujxy_x5GCrBVXSH6CL3myTGDjdqug-4MJB_YzbFSUo8OTgX7N1_gr-llYqx9rhMWqXmLyEWlfuSAeewdijQ_1qUuFEu8XW2Z33HR51EcumY_R1InJnHrn2SC-w8A-ySOUq1EEDZk1YNBAux2H-I-I6deb1kIMUYEhWcVZcTkEX7enfKY9VqSYRw9e1cdOKVaCZ_NLpyyVpu1Yv-fNMo94cIrg9I4CqKkeM8NKFVWVuw6qtlrNoRw5tkrr9WFtxcshQRgM470ccOOefwOe2wyPnlGAQLcSF-vmGb-6knz3h-yDHHD23L_l0hWX16Q-cPrOc4qqPJlqbxcOd-HX5hPQEYPT61IDl84cXmEtBgqBZAbsPJpR8Dr-yD4wXX4Kwc3Q2mncrq_wta83Bxgk-bTSbTWX7xygX8sE-iOamBGS_gDEY56cY66du-f_zBrjijNyE5wIewDeskkJWfONKuImDt0rynzARLYqT6qoONzsRL7BuJNZ4uvnpX3hBdvyCjnr32ugNP6Z6SEk-lPc_iUzgtpHgL32rxClyH3AilfPdITmhnTvU1Es_aec46mbi5XXrWU9dv0zacUwLuwxQAf9VuV_7q-rbAyKeLS05DmLSl7PxG24AyXTCBDQHPpZb-MvrbftWP0cJ-qA1xAsw&sai=AMfl-YQkQfZVOoaq_mlpt9LUbHohjaMPhEZtOy-8zSK2_HdiOc3XXUoDLoKuKJg1U5XyAz4H_538R_quU-xOUFCw8yN5aJIY-mK7wa5oR5Xgu86sn9u6Te7JxlKVGD2poBZ96JefgwyHfx7EXpGXtzfegc5suWONzyw-SQJmCciPWGOrPE6b6E1uQKP3-IcErCR3XmRVGyTvoJYXEOKJcL_HW7zNxw9xBfAPrG2R-SZSgYNkhKQNGRFB3w8glxJiCZPaJZn7u20f&sig=Cg0ArKJSzKHoLeT_2JxxEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly96YWJpaGFoYWxhbC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=137&vt=11&dtpt=136&dett=2&cstd=0&cisv=r20240319.73385&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 09:38:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CCF5 143 B
166 B 33ms
32ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1711013928&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711013928171&bpp=2&bdt=269&idt=376&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=269797079371&frm=20&pv=1&ga_vid=1778905678.1711013929&ga_sid=1711013929&ga_hid=1140526404&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081904%2C31081905%2C44798934%2C95325976%2C95321868&oid=2&pvsid=1697495734980048&tmod=269339214&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=384
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 09:27:00 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7033 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fb522bbf6ab8e314969f8e0f514a2d26699e098658dfef661d042dca001bf93

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9C5E 38 KB
13 KB 29ms
29ms Document
text/html 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 92212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 08:01:58 GMT
expires: Thu, 20 Mar 2025 08:01:58 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7033 33 KB
34 KB 391ms
27ms Font
font/woff2 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:51:37 GMT
x-content-type-options: nosniff
age: 89233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:51:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7033
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz1vNKAD8ZYWZJ5iao9kPh5udsAH4_ePUdfK-i-azEWQQASDlsucKYP2gmYHoA6ABjcn80wHIAQGoAwHIA8sEqgT3AU_QBZdqUp6NYAu360EOiL8IjTV7UGFnHT9WUA917uiWASKx0Ka2PbC...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc856e2b4575ce99f0000000000000000%22,%222%22:%220xb574c2cdf01593650000000000000000%22,%223%22:%220xdfef34...

0
0

145ms
87ms

Fetch
text/css

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc856e2b4575ce99f0000000000000000%22,%222%22:%220xb574c2cdf01593650000000000000000%22,%223%22:%220xdfef34389e7565290000000000000000%22,%224%22:%220x841118c3f53ede880000000000000000%22,%225%22:%220x3d2002564ac8e9660000000000000000%22},%22debug_key%22:%2214938625245860274699%22,%22debug_reporting%22:true,%22destination%22:%22https://useworkshop.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444540045%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225483423559871742929%22}&andc=true

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc856e2b4575ce99f0000000000000000","2":"0xb574c2cdf01593650000000000000000","3":"0xdfef34389e7565290000000000000000","4":"0x841118c3f53ede880000000000000000","5":"0x3d2002564ac8e9660000000000000000"},"debug_key":"14938625245860274699","debug_reporting":true,"destination":"https://useworkshop.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444540045"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"5483423559871742929"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 09:38:51 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 09:38:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc856e2b4575ce99f0000000000000000","2":"0xb574c2cdf01593650000000000000000","3":"0xdfef34389e7565290000000000000000","4":"0x841118c3f53ede880000000000000000","5":"0x3d2002564ac8e9660000000000000000"},"debug_key":"14938625245860274699","debug_reporting":true,"destination":"https://useworkshop.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444540045"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"5483423559871742929"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C5E 52 KB
20 KB 52ms
26ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

sffe /

Resource Hash

7bae111e7150348c7ce17c47461c60f43c1903b2cb8cac5be036faecfd108332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20325
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 00:31:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CCF5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 09:38:51 GMT
expires: Thu, 21 Mar 2024 09:38:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 09:38:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js Show response
pagead2.googlesyndication.com/bg/ Frame EE86 52 KB
20 KB 56ms
30ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

sffe /

Resource Hash

7bae111e7150348c7ce17c47461c60f43c1903b2cb8cac5be036faecfd108332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20325
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 00:31:25 GMT

GET
H3 200 mstextad Show response
fundingchoicesmessages.google.com/f/AGSKWxXXmjeblL7vN2jtrrr87fagxRna7Wmeqm0PatHQhKDYOdycEm1zBEIIW-w7tY2jxZrxuu7UCGLXrb-EDXzN0WN6ZAgBQqLbBIOgReWRHNGlOUbuQ50VX1hX_nOfD5VshEMpGHZ4VMiC7G8GEWJ4up94zUPzx... 54 B
110 B 70ms
55ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXmjeblL7vN2jtrrr87fagxRna7Wmeqm0PatHQhKDYOdycEm1zBEIIW-w7tY2jxZrxuu7UCGLXrb-EDXzN0WN6ZAgBQqLbBIOgReWRHNGlOUbuQ50VX1hX_nOfD5VshEMpGHZ4VMiC7G8GEWJ4up94zUPzxO5WYxFJ40FSYO_xQK8c0GvoTMqnu4qU/__commonAD./mstextad?/adl.php/gexternalad./adblock_detector2.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMySuRJJ5L17GyUkL7_9ZnG4bLjqWA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

69281694a677f935d11bcde83aeb77eb18d243ad1103b83e5b43c7854f279d9e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5d3s2oXzBlbkrfxHFFJZfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5d3s2oXzBlbkrfxHFFJZfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDsarhw3o2gYZTkxcwAwDeWTDy"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 48ms
33ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

f8f8a4b7bd9974862d7e197bd4e58cb072690e1e0a79507f8c935e2629771db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31028
x-xss-protection: 0
server: cafe
etag: 4787790948553753486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 09:56:26 GMT

POST
H3 204 AGSKWxV-EQdUAjrfiOgl3w5ilWCcK4yP5rtil6JVDlr-mYZNv4et2-OZ_59gTos9Q5ymQ4_sE1Fe8hrYi4S0x486px64BfgX8zEA_O80Aqov3krDO591fJhA7u0ZJ1NtX1dfrJ4Fsk4XPg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 122ms
53ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV-EQdUAjrfiOgl3w5ilWCcK4yP5rtil6JVDlr-mYZNv4et2-OZ_59gTos9Q5ymQ4_sE1Fe8hrYi4S0x486px64BfgX8zEA_O80Aqov3krDO591fJhA7u0ZJ1NtX1dfrJ4Fsk4XPg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QYxNbZKGs7IKq3f_3LOELg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 09:38:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-QYxNbZKGs7IKq3f_3LOELg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1iDgFiIh2NVw4f1bAIPDm3fzQwAxYYMfg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 151ms
87ms Preflight
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 09:38:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV-EQdUAjrfiOgl3w5ilWCcK4yP5rtil6JVDlr-mYZNv4et2-OZ_59gTos9Q5ymQ4_sE1Fe8hrYi4S0x486px64BfgX8zEA_O80Aqov3krDO591fJhA7u0ZJ1NtX1dfrJ4Fsk4XPg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D-fiFZCNvqUBu1grhyUHtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-D-fiFZCNvqUBu1grhyUHtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1iDgFiIm2N1w4f1bAIP3m7mBAC6mwv-"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV-EQdUAjrfiOgl3w5ilWCcK4yP5rtil6JVDlr-mYZNv4et2-OZ_59gTos9Q5ymQ4_sE1Fe8hrYi4S0x486px64BfgX8zEA_O80Aqov3krDO591fJhA7u0ZJ1NtX1dfrJ4Fsk4XPg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_2Fz-UcT6iuGpEGtRjTDJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_2Fz-UcT6iuGpEGtRjTDJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1iDgFiIm2N1w4f1bAI7dv3lAgC4CAvf"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.onlinecorrection.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV-EQdUAjrfiOgl3w5ilWCcK4yP5rtil6JVDlr-mYZNv4et2-OZ_59gTos9Q5ymQ4_sE1Fe8hrYi4S0x486px64BfgX8zEA_O80Aqov3krDO591fJhA7u0ZJ1NtX1dfrJ4Fsk4XPg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q5nQuaIsgcSztcKrHjF1GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q5nQuaIsgcSztcKrHjF1GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1iDgFiIm2N1w4f1bAIvnj3mAQC5ngwn"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW0ja97_DS5IduGedkxqi9XMbe08Y_gHIjKSIQi7pB4XOS8ZpPKJMBTY_nWQirFxcD6hxzUaHMYkNKZtbkv0a_LaG_iGkXrZ-HVMiS70Zccsjr3irSLCfkG5VEdtGjK8N63dZziBQ== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 58ms
58ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0ja97_DS5IduGedkxqi9XMbe08Y_gHIjKSIQi7pB4XOS8ZpPKJMBTY_nWQirFxcD6hxzUaHMYkNKZtbkv0a_LaG_iGkXrZ-HVMiS70Zccsjr3irSLCfkG5VEdtGjK8N63dZziBQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDEzOTMwLDk5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm9ubGluZWNvcnJlY3Rpb24uY29tLyIsbnVsbCxbWzgsImxya3UxdnltYzJzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

d1b11915c9a53845285c1b96faa674863ef3a77c055db2a69a996d179a250b05

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B_JCDbCE8p9UJvefAddyOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B_JCDbCE8p9UJvefAddyOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLjt5jnWGUB8csF51otALMTNsbrhw3o2gYYnTQIArMYwaQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV-EQdUAjrfiOgl3w5ilWCcK4yP5rtil6JVDlr-mYZNv4et2-OZ_59gTos9Q5ymQ4_sE1Fe8hrYi4S0x486px64BfgX8zEA_O80Aqov3krDO591fJhA7u0ZJ1NtX1dfrJ4Fsk4XPg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i-2DUN3sWVrRKr7su4fvwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-i-2DUN3sWVrRKr7su4fvwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII1pBiWMS_i6mW4RlTKxA7pc9gDQJiIW6O1Q0f1rMJLHjz3RAA7RANng"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.onlinecorrection.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUd7tLjtliCXopb6eyuxosMeKD2tc3oTQXuuikD8VikKYKpJzTV0Ct-t9cCyrhOMbLLv2NRh04PtaLB3prVgmXH_YX37YzvS7s46poL5MEEklgzdk0Vb-U-NMjFGBeSEEg5mlTqVQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
61ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUd7tLjtliCXopb6eyuxosMeKD2tc3oTQXuuikD8VikKYKpJzTV0Ct-t9cCyrhOMbLLv2NRh04PtaLB3prVgmXH_YX37YzvS7s46poL5MEEklgzdk0Vb-U-NMjFGBeSEEg5mlTqVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDEzOTMxLDc2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cub25saW5lY29ycmVjdGlvbi5jb20vIixudWxsLFtbOCwibHJrdTF2eW1jMnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

dc4efb084727f5f5a9c2df7fae76a3a4ecdabed72b5cceb558b123cda69d8994

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JNOzo-oONoZRlnjez1z78A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JNOzo-oONoZRlnjez1z78A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTNsbrhw3o2gQdzDpoDAK1sMOQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C5E 0
20 B 94ms
94ms Image
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaM0nKAD8Zd-XJ_qYo9kP-vmMkAgAAAAAOAHgBAI&bg=!u7iluPfNAAZewuCMfsI7ADQBe5WfODMRRKXPo8LY4gA8ne2gUh0yMx5Mc-uVuhrPYk-vJ0EotuBZW28YmUORmdkTyasDAgAAALpSAAAABGgBB34ANRBt-2wWWRKeyPkcHJNenYQLJ4AFBUxOX7rHzzPHpKKLtyXWAXHjJVbdPYjO0sR9TjpKztAwmQLDZMPOA49H06rdXH2SElpfRvRTYcH2D01h4JRpltCNcAEdm7_21vNn1TFKgaW-vx11ZbyRIvpajxahCIdU-cfEDIHQAJR12Vgf-qZ9tDN4N_PCcErHljloEjoOYiP-BR0VLv3GfatAv1DMwi58mI9YPWDmGaq9Cuj2aj0SsEt4EFGeE3b1x_XSthMj5Qi78V6HieoxLq2H_Fr7qqu5g8RrqyHrF8-GFJTNCUgxHrlOpz7EeAlOa_0B-7aL5IqYYjMaAo1brTy9UI-W_Yilw0rJ-PSJwxsiPpVXxD-Nz1FPp2OAOagflh3MpBfBBjqzlrlBcedTwqad7Q4lUK2P8dx5iFIoE_rLuWlT_r-dO1aEE5DVj5xoOWllAIyByVh4hcTx8ZEHM0Yy9BHbI2PF6AqumXZoRN9vBECB-0eGhtp6fkJHwqS1yCGQIFHcoIKILN1KGNBd-G8ayJKjmKDjd62Eoj1JvpxyiWqfS9e5QI26bNEik0qsLNIuqImJ_Z1IOHBROc1yNF6Ku3ULX71SxUn2zitWpsI5dH0Cz-YyhkoOnYY_OvpRdjiIraOrv0U4rE6H3PyNXI5A5kwRPYl0fkMr2HLVOgrrGXFY553Kx9Rp_zAzSLDGcET9x8WR65XN-3-r1C0MGd_zccFm7ASXsVqpj77GV6gr-7y4GGxuClmBSbUKSQm1KPHjlB6bLkmRMZ-E8Wm7qIRphBjLGiuXJnSUbbsus8QadbdWBpXrpieco5uEeo8utqhmfssEyFMSQfhpmq5jn0BfmO7IR674KbOwSWaeeKCAI8SkZ8q0NRT0fTAsFwmVVC1AjE-lMlLtHvw3NziCSLj_Wm_rr4xPfbqGrhWcKjIc62Dc0Rb5arNrYGbgQoi1KarasTD_myHNvI_9unqzlG9N7aVrrIgGaAMPpzIZ_GTjAgRk2tTkHF1GiGkcPYQ

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxURfrzR9YLAW-q6VcLV-SN_3z3m3bh264gKs4gNNQ7WQgJzT9uWEfUPuqPHyRkUTuFNuEr2T72nZH_kvW9F0l0f-G1bHjv9ERIio3BMuGkWJUUwNlSYd0Xb09yoIbvVwa2ojmmNwQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 69ms
68ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxURfrzR9YLAW-q6VcLV-SN_3z3m3bh264gKs4gNNQ7WQgJzT9uWEfUPuqPHyRkUTuFNuEr2T72nZH_kvW9F0l0f-G1bHjv9ERIio3BMuGkWJUUwNlSYd0Xb09yoIbvVwa2ojmmNwQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDEzOTMxLDE0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cub25saW5lY29ycmVjdGlvbi5jb20vIixudWxsLFtbOCwibHJrdTF2eW1jMnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

a8e97382b9de57997344544322e590d3da112506e21cb1df2db497fe32f886a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pkE8yrkWFJsQv07vQCdZHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pkE8yrkWFJsQv07vQCdZHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTNsbrhw3o2gY537eEArK4wxA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXVBagrOEYeEYx2wSbbOaif7PigFKw6GZJ6eAu5NCnb0dtksu6v_HkrR-lZvVBTgXDpyjOzTB-I5AfsxWQrDUNFqjnkZPrxs6uS_ljAZbpVHo-FTZ7oUMZV_fTi57OPtG382Qrplw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
50ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXVBagrOEYeEYx2wSbbOaif7PigFKw6GZJ6eAu5NCnb0dtksu6v_HkrR-lZvVBTgXDpyjOzTB-I5AfsxWQrDUNFqjnkZPrxs6uS_ljAZbpVHo-FTZ7oUMZV_fTi57OPtG382Qrplw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3A74fpoHA6eWNCx966vDBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-3A74fpoHA6eWNCx966vDBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1iDgFiIm2N1w4f1bAITjs4uBQC5owve"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.onlinecorrection.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV-EQdUAjrfiOgl3w5ilWCcK4yP5rtil6JVDlr-mYZNv4et2-OZ_59gTos9Q5ymQ4_sE1Fe8hrYi4S0x486px64BfgX8zEA_O80Aqov3krDO591fJhA7u0ZJ1NtX1dfrJ4Fsk4XPg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--8Lf46-LTsFiElzVGwjjng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--8Lf46-LTsFiElzVGwjjng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1iDgFiIm2N1w4f1bAITvm8pBQC4WwwZ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.onlinecorrection.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 121ms
120ms XHR
application/json 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240319&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

4434e67a68f2cce4da8004877e09111f483223c21e63519dda9ebd364e129761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12392
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 09:38:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A701 13 KB
5 KB 31ms
28ms Document
text/html 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 33054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 00:27:57 GMT
expires: Fri, 21 Mar 2025 00:27:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F2F6 829 B
996 B 51ms
49ms Document
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f4.1e100.net

Software

GSE /

Resource Hash

4dfa220208b87881f9a13022bab504282ea852a20bf1ea666cf274c9552bf4db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aZ1FYevdNDsCZGoV-Ggofg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aZ1FYevdNDsCZGoV-Ggofg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 09:38:51 GMT
expires: Thu, 21 Mar 2024 09:38:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E0E 42 B
64 B 99ms
97ms Fetch
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui65JjeE_QK4aLgR5DrL-T68IjtkkvHhs-r3bfkJr77YDeoC2zVjpbrDeg88bPWISLeq8w9ngCJdcTBxmG2-IdfgYGvxlUFm3TKNfNkA_G3WlgcVq1YBkFkI4a1BgwYn37SxS78hhrkHo8rVAuLg&sai=AMfl-YQukQ1OTi8aOfj2_PgJVesvmj72XFXJESXu2f3B21JMeJffmSQ9hm8_qWpV8WQfKRugljSYYQK81FUM&sig=Cg0ArKJSzCzdgNnKgbzREAE&cid=CAQSGwB7FLtqe3qiEuljLpjS_hJfMb4Jx-IZByYOrRgB&id=lidar2&mcvt=1000&p=0,0,100,600&mtos=280,831,1000,1100,1148&tos=280,551,169,100,48&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=694673000&rst=1711013930111&rpt=159&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A701 40 KB
16 KB 26ms
26ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:55:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2F6 0
0 85ms
84ms Image
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240319&jk=1697495734980048&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A701 0
10 B 29ms
25ms Image
text/plain 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HGnaiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:38:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7033 42 B
64 B 90ms
89ms Fetch
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0JO1Fq7YoWM4gelbBL3NPzcTrhhst-ivAXiC1_pO3cBBucfSVXIIWu0u4TIUUyVOvbxBC0z_RZJ47MEb213h_jD_hiAbOvpNpu5obVwR5cpiSsZ60u3_e-SLxckdHNEYb05owYQEn2Dz9LYB9GlwasPY2OmE-GFg&sai=AMfl-YRxKW0RHhMRYYsw5Onyaewt8xWCLa21QCgraC6E8pnr18wRexKMcDfY52zDy_ueLawAeQV76AvRVV0L&sig=Cg0ArKJSzOtJBVBjJsl3EAE&cid=CAQSGwB7FLtqhSiMf_-Ub43Ac5WMcNP8Z5lOt3NzRhgB&id=lidar2&mcvt=1000&p=0,0,280,980&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1141583786&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=694673000&rst=1711013928556&rpt=2237&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 09:38:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240319&jk=1697495734980048&bg=!VlWlVRrNAAZaswqNerM7ADQBe5WfODy37P3CU6Zzckxt2v_Z5_Mfr9rtZcP4Eg6Zj7EtsAXgFklf4nrlkHEfbz-RFif7AgAAAEZSAAAAAmgBB34ANUq5z7IzIxjtaTDRDhl3aDAmnbxzcx1wk29cagMOAB1LB5DTZJ1KIipA7mr8ztKpS3Owt-21CgAQoZXq5SJHYUh8vrkzLQQIQJkCYfxYHZHzbq6n9-jhfPCgGxLUiGzDS-2dfcVXmvruiB84lrueOBh34WsJgVNEwQuAq9vhglrBhiGNER-_1VS4zAj8CQ0o8tOe6O7vPf40C9Tzbpb_EnWWrL75ZogYRBrM_bAIe1USyO55_96fqs3MVu9GbTnXIQ2I7e5UKjtC6ZnXUdc4C3GWJnECPkpO2LJ5ZaF4ssz1IMFV20S-CbsO2z0i48YgV_NeObgeGP7o6NQI9bbC8cyHDL8LY2Qs-H7fX8ua_31qdGE8XU6ihAGtkjzE7rFUV4hOnO9D-rMtKUtOI2TtRFcbJnGlz36jigfRkWpOUFMAKIT1CoHss9MEjIbS1_7u9s5v7OEbUx2ZEwm7VUuwN9x4qf4Y54TTmy1NNBM7Sb0b_DKlqH3X399mIjO_aweeEnJ2vpyApa7sj_H56iSHj6LaIYOPfMRKJq7QZpCYHELaHZ7YLI4q7SjmHmT1c-4UilemBavW-0h3-kfTNvKaenFmnG-ltFy1cRbu44g-RbtVWXc9Aasr8yYHbSQutEbBhIm_HTgcq1pD4M7toI-Q26AWh_aKYjU_u-6AxkNbdHICrrwBVsV5sSWyVKM_Vby8ywIXSeHjm1xz4pTrBqkBV2gw1L_xjzE_k4evGV0GeIBajpwQzyNWRNj-s2Fa01sYmhlkPylbJwwDBJ4O-aRjo7Ska5ITIlb2YFJ9FQB4OgTGiEweO-alcgbyy353V1sJ-WnBlOeg0IFLzNKi5wT-DkV8_U1gqO2fQ9y08tKASr6SLsOHeYKltvwuTD4RZhyNQrj8A5GktBSDkvSAuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlinecorrection.com/	1970-01-20 23:36:05	Name: __eoi Value: ID=5bde96e3ae6cf3af:T=1711013928:RT=1711013928:S=AA-AfjZxQDmT48BzuAfUGpxKHYjX
.doubleclick.net/	1970-01-21 04:52:53	Name: IDE Value: AHWqTUmXdL-pd5jHh0GDpDAZoyh7y8Efg3T5HjnI14Hy6CbcUO3669cxq0E5QckvIX4
.doubleclick.net/	1970-01-20 23:36:05	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 21:26:29	Name: CMPS Value: 3486
.casalemedia.com/	1970-01-21 04:02:29	Name: CMID Value: ZfwAKtHM6ToAADRYAHlz4gAA
.casalemedia.com/	1970-01-20 21:26:29	Name: CMPRO Value: 3486
.adnxs.com/	1970-01-21 04:52:53	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:26:29	Name: XANDR_PANID Value: y__0w9XKZokFK9KkHd_v0dTHBa8-TO335th4asQ_zNV4sTxTPT1zFNqQEWtV39AYXP2xUitdJd1KCcERAPaSiYbao1vT5p0EvvK3wKEeqa4.
.adnxs.com/	1970-01-20 21:26:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>wnTFue!@wnfH8K6pQK`!5=E<L5?%M<8=n(2jPFE7/grAP/3N=km>Oc'?ieZGPa8Lw%nugO%v4VB%nnh[+CqQ
.adnxs.com/	1970-01-20 21:26:29	Name: uuid2 Value: 8026253372504278786
.doubleclick.net/	1970-01-20 19:16:57	Name: DSID Value: NO_DATA
.onlinecorrection.com/	1970-01-21 04:02:29	Name: FCNEC Value: %5B%5B%22AKsRol-ZAsAQ6bUBd_tBRuPmh8wDhZIefkMMJufBsQYzXNDpvqMbsqtUqSY3ex2okZEjowXOsphrl5IT90cY9WUU8DlWCCbOBo_u0SuRTEQSUxpvzbhNlU3z_aXadl3ies4GkOFJhgqbUnoEm69mSZrsm7oyk3cM4Q%3D%3D%22%5D%5D
.googleadservices.com/	1970-01-20 21:26:29	Name: ar_debug Value: 1

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlinecorrection.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
onlinecorrection.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
www.onlinecorrection.com
104.18.36.155
142.250.176.196
142.250.65.195
142.250.80.34
142.250.80.35
142.250.80.38
142.250.80.74
142.250.81.230
142.251.32.97
142.251.40.194
142.251.41.14
142.251.41.2
51.222.41.187
68.67.161.208
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1546928846ee0a8377fd30865d4c43cef501eba7d775d494b98d1ce699627a4a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4434e67a68f2cce4da8004877e09111f483223c21e63519dda9ebd364e129761
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dfa220208b87881f9a13022bab504282ea852a20bf1ea666cf274c9552bf4db
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567c616224a7410c7f37747815bb18599eded2edf692cbe0b888e64f192ccbe8
581ee83bd80ac448f41b8b0acc1d287fee009474181d132ea79a7d170249cc40
5a0a3ecb39f382ab5dc04c8936ab0c4fca0442f4341637f464456da160d1d8ae
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69281694a677f935d11bcde83aeb77eb18d243ad1103b83e5b43c7854f279d9e
6b5601da7eb294ca1f03d3a2fc24137ed78a8db76197b7316fc2ad426a22c49a
6c9f2c29759a849e81e121e9890b289a5e1a617689d2f0be9bb30866ce992acf
7058233b5bdfdd4279e92e9dfe64bd4a61afd7e76d97dba498ce1d5777b92185
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842
7bae111e7150348c7ce17c47461c60f43c1903b2cb8cac5be036faecfd108332
8c64b761179156f9791c5356f0e33008bc89a4a0b1db9f579472a61a783f6785
93c346121ad97072a3367fbdf05f4c9c8f34d907146ffeeeb3fad9c6da277c9e
95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a
9a81ade7688e459641622a044c907f8fa19520b18708f2fd9ced2ee1cc67fd74
9ae2f204178855c4fdb29ce75a0a1b2588fc3db3a7084d29715876bacd293508
9fb522bbf6ab8e314969f8e0f514a2d26699e098658dfef661d042dca001bf93
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e5f8d7a3115b0436ef2935f35fe84696de090d5f88ed5def3df772845e1e30
a1529984461958356645c91d7c1c9989c85dd497162f7753ebedb7463a27062e
a5e523e9fc2e53beabb15afb270ddae636243a27520b4263cb568750e31d9cb9
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a8e97382b9de57997344544322e590d3da112506e21cb1df2db497fe32f886a0
ab83788139956dd9661b85613bd42b7f43c67908008e021866fd658fece6f4e9
ad0ecefbe30d710db704935129559a0412d4bb882328bcdd481ecde3c49b94e0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30c03afa602a2e20bc074893f068f8495df07cf9475e1050b94b29e9bcf76fa
b89df24ef0e6a3a259eb02cd8521f2cf0c9965c72f87de8ba3af4c800d7b8614
ba636f1cb6bfd323dac1fb079cd002b5d486ed5eff54f4c4744b81316b257e96
bb5d42f531abd1bece2e463b2bad5cdd5fd40161fbdad4642eed346a655b69a9
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94
c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c
d1b11915c9a53845285c1b96faa674863ef3a77c055db2a69a996d179a250b05
dc4efb084727f5f5a9c2df7fae76a3a4ecdabed72b5cceb558b123cda69d8994
dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e1018a3b5550dceaae6872bad9fc50576b8903de510b4b708935055a552b1f2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edbfa34373e25f671ce65739c3249ff1056ee237f0dbcd73723a2d49f35177ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f8f8a4b7bd9974862d7e197bd4e58cb072690e1e0a79507f8c935e2629771db9

www.onlinecorrection.com Open in urlscan Pro 51.222.41.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

94 %HTTPS

0 %IPv6

10 Domains

16 Subdomains

15 IPs

3 Countries

950 kBTransfer

2490 kBSize

13 Cookies

12 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onlinecorrection.com Open in urlscan Pro
51.222.41.187 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

94 %
HTTPS

0 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

950 kB
Transfer

2490 kB
Size

13
Cookies

85 HTTP transactions
2 data transactions