client-retention.canadianvisa.org Open in urlscan Pro
95.85.55.135  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response client-retention.canadianvisa.org/	2 KB 3 KB	193ms 24ms	Document text/html	95.85.55.135 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://client-retention.canadianvisa.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash bd5d91c5fc6d11dce25eb0da20eeacc81191338f9626072f5a24335c470267dc Request headers Host client-retention.canadianvisa.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.16.1 Date Sat, 02 Oct 2021 21:20:33 GMT Content-Type text/html; charset=utf-8 Content-Length 2308 Last-Modified Wed, 22 Sep 2021 07:39:10 GMT Connection keep-alive ETag "614add9e-904" Accept-Ranges bytes
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	38ms 15ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,700 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash 1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 02 Oct 2021 19:44:01 GMT server ESF date Sat, 02 Oct 2021 21:20:33 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sat, 02 Oct 2021 21:20:33 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 441 B	40ms 18ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash eee6a08358c03e6fa553d20ab0188e229b29098f51cad4f41be3f88f6ade8aba Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 02 Oct 2021 21:20:33 GMT server ESF date Sat, 02 Oct 2021 21:20:33 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sat, 02 Oct 2021 21:20:33 GMT
GET H2	200	jquery-ui.css ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/	36 KB 9 KB	50ms 14ms	Stylesheet text/css	142.250.185.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f10.1e100.net Software sffe / Resource Hash f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 01:30:19 GMT content-encoding gzip x-content-type-options nosniff age 71414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8422 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="hosted-libraries-pushers" expires Sun, 02 Oct 2022 01:30:19 GMT
GET H/1.1	200 OK	style.69bad28f7841ee427fc1.css client-retention.canadianvisa.org/	311 KB 47 KB	48ms 48ms	Stylesheet text/css	95.85.55.135 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://client-retention.canadianvisa.org/style.69bad28f7841ee427fc1.css Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 549b6e902e9db5f6532757bdc5ea9f3440ad9dfa1b4afad0c8124079c1e37ba5 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host client-retention.canadianvisa.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://client-retention.canadianvisa.org/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 02 Oct 2021 21:20:33 GMT Content-Encoding gzip Last-Modified Wed, 22 Sep 2021 07:39:10 GMT Server nginx/1.16.1 ETag "614add9e-b8e0" Content-Type text/css Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 47328 Expires Sat, 09 Oct 2021 21:20:33 GMT
GET H/1.1	200 OK	bundle.69bad28f7841ee427fc1.js Show response client-retention.canadianvisa.org/	2 MB 452 KB	72ms 35ms	Script application/javascript	95.85.55.135 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://client-retention.canadianvisa.org/bundle.69bad28f7841ee427fc1.js Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4e6afabc69b882ae0e7717197231014c2ed3a65fede2e088c0d1b052a32b0b61 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host client-retention.canadianvisa.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://client-retention.canadianvisa.org/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 02 Oct 2021 21:20:33 GMT Content-Encoding gzip Last-Modified Wed, 22 Sep 2021 07:39:24 GMT Server nginx/1.16.1 ETag "614addac-70f23" Content-Type application/javascript; charset=utf-8 Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 462627 Expires Sat, 09 Oct 2021 21:20:33 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	185 KB 61 KB	52ms 30ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 87ba45768d80fa3d5420d5fb9e05e5fed91de103589bcac954c8b5c0a7e18d7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:33 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62286 x-xss-protection 0 last-modified Sat, 02 Oct 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 02 Oct 2021 21:20:33 GMT
GET H2	200	hotjar-1957728.js Show response static.hotjar.com/c/	4 KB 2 KB	86ms 37ms	Script application/javascript	13.32.29.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1957728.js?sv=6 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.29.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-29-105.fra56.r.cloudfront.net Software / Resource Hash 20449e10d8efe6688808349a0812cf08fa79c9ce7a25c38fc64ade36f3a9b25c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:33 GMT content-encoding br x-content-type-options nosniff x-edge-origin-shield-skipped 0 x-cache-hit 1 etag W/fe98d9bef71efcc3e43de816082af813 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-amz-cf-pop FRA56-C2 content-length 1893 via 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront) x-amz-cf-id mnDvozagpoak4iw6aSKso-7C9wfTSle5ODQK2BAWYHfAKhiAwwxDxg==
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	29ms 7ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 2016 date Sat, 02 Oct 2021 20:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Sat, 02 Oct 2021 22:46:57 GMT
GET H/1.1	200 OK	obtp.js Show response amplify.outbrain.com/cp/	7 KB 3 KB	33ms 8ms	Script application/x-javascript	2.18.234.190 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/cp/obtp.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-190.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 02 Oct 2021 21:20:33 GMT Content-Encoding gzip Last-Modified Mon, 28 Jun 2021 09:47:31 GMT Server AkamaiNetStorage ETag "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=1200 Connection keep-alive Accept-Ranges bytes Content-Length 3100 Expires Sat, 02 Oct 2021 21:40:33 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	23ms 7ms	Script application/x-javascript	157.240.236.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-frx5.fbcdn.net Software / Resource Hash 2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 25967 x-xss-protection 0 pragma public x-fb-debug M70pxfxqLoMYGjhdZXGBDTsaIOEFj/M4z058va9Yk05ysYBzLE21ThrwdL7MOENDDRimzTDK8A91JZOQtrK3hg== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sat, 02 Oct 2021 21:20:33 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tracking.js Show response cdn.livechatinc.com/	77 KB 23 KB	35ms 7ms	Script application/javascript	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/tracking.js Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 50417a1d85906b443297a92eb72013bef370e6a1c2a1280c44e4fc2734e1cf8e Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id c3tA4y4VBanhbLfJHOH6P20AOn7xxofd content-encoding br last-modified Wed, 29 Sep 2021 09:18:25 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 etag W/"33c5c21d4cb0bd6c3b81c2ff273f40c1" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=28800 date Sat, 02 Oct 2021 21:20:33 GMT content-length 23521 x-amz-cf-id iInrD_X4_lHWKQoWJtMfOKwz0bFny0Soigsm2yqUyKsdBHXKuTOEmg== expires Sun, 03 Oct 2021 05:20:33 GMT
GET H2	200	ytc.js Show response s.yimg.com/wi/	15 KB 6 KB	74ms 21ms	Script application/javascript	87.248.118.23 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/ytc.js Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS e2.ycpi.vip.deb.yahoo.com Software ATS / Resource Hash b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers ats-carp-promotion 1 date Sat, 02 Oct 2021 20:44:51 GMT content-encoding gzip x-content-type-options nosniff age 2143 x-amz-server-side-encryption AES256 vary Origin, Accept-Encoding content-length 5639 x-amz-id-2 PkG2V7XJ18HCVv2HuhlENWPbAmqz9/WC7GaI188ednr5cZuQpvyw/pLHlqlekyiDLmACQQLQsa0= referrer-policy no-referrer-when-downgrade x-amz-expiration expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle" last-modified Thu, 27 May 2021 13:00:20 GMT server ATS etag "6de43f1c725d89777edaa2bc5d679ecb-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 x-amz-request-id 98V3XWEYBEXC0XDX x-xss-protection 1; mode=block cache-control public,max-age=3600 x-amz-version-id Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d accept-ranges bytes content-type application/javascript
GET H/1.1	401 Unauthorized	fields Show response retention-client-api.canadianvisa.org/v1/form/	93 B 337 B	88ms 26ms	XHR application/json	95.85.55.135 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://retention-client-api.canadianvisa.org/v1/form/fields?access-token=null&uid=1 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/bundle.69bad28f7841ee427fc1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 5282c6b09031c4de92e9b6d96597b8b9e055f46942479c5b74bafb9f11ffa66f Request headers Accept application/json, text/plain, */* Referer https://client-retention.canadianvisa.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sat, 02 Oct 2021 21:20:33 GMT Transfer-Encoding chunked Server nginx/1.16.1 Connection keep-alive Vary Accept Content-Type application/json; charset=UTF-8
GET H/1.1	401 Unauthorized	fields Show response retention-client-api.canadianvisa.org/v1/form/	93 B 337 B	113ms 29ms	XHR application/json	95.85.55.135 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://retention-client-api.canadianvisa.org/v1/form/fields?access-token=null&uid=1 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/bundle.69bad28f7841ee427fc1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 5282c6b09031c4de92e9b6d96597b8b9e055f46942479c5b74bafb9f11ffa66f Request headers Accept application/json, text/plain, */* Referer https://client-retention.canadianvisa.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sat, 02 Oct 2021 21:20:33 GMT Transfer-Encoding chunked Server nginx/1.16.1 Connection keep-alive Vary Accept Content-Type application/json; charset=UTF-8
GET H/1.1	200 OK	/ Show response api.ipify.org/	24 B 274 B	401ms 101ms	XHR application/json	54.243.252.128 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/bundle.69bad28f7841ee427fc1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.243.252.128 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-243-252-128.compute-1.amazonaws.com Software Cowboy / Resource Hash d9a69ab67c440134f47a8fc1a1c447e133c06e39eb3b25bddad481ea4f3690dc Request headers Accept application/json, text/plain, */* Referer https://client-retention.canadianvisa.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 02 Oct 2021 21:20:34 GMT Via 1.1 vegur Server Cowboy Vary Origin Content-Type application/json Access-Control-Allow-Origin https://client-retention.canadianvisa.org Connection keep-alive Content-Length 24
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/	44 KB 44 KB	29ms 7ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://client-retention.canadianvisa.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 17:03:52 GMT x-content-type-options nosniff age 188201 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 30 Sep 2022 17:03:52 GMT
GET H2	200	modules.e95f6e2deb67f1b24d8e.js Show response script.hotjar.com/	221 KB 59 KB	33ms 7ms	Script application/javascript	13.32.29.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1957728.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.29.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-29-87.fra56.r.cloudfront.net Software / Resource Hash 3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 08:27:05 GMT content-encoding br x-content-type-options nosniff age 392008 x-amz-server-side-encryption AES256 x-edge-origin-shield-skipped 0 x-cache Hit from cloudfront content-length 59787 access-control-allow-origin * last-modified Tue, 28 Sep 2021 08:26:22 GMT etag "4c2c45df8457d0c2a07b3285a23cd7a4" vary Accept-Encoding content-type application/javascript via 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA56-C2 accept-ranges bytes x-robots-tag none x-amz-cf-id EZoAzxGfvwBpmowdpW6DUvdXtzaZfEccstJqqkzi7h4T0pZxryu65Q==
GET H/1.1	200 OK	cachedClickId Show response tr.outbrain.com/	35 B 239 B	375ms 87ms	Script application/javascript	64.202.112.191 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/cachedClickId?marketerId=0037bfe3aa65d755d91de3ef30ea3af84a Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 02 Oct 2021 21:20:34 GMT content-encoding gzip X-TraceId 404222254765e0117b5d6ef41cea0499 Content-Length 56 Content-Type application/javascript
GET H/1.1	200 OK	unifiedPixel tr.outbrain.com/	43 B 256 B	374ms 87ms	Image image/gif	64.202.112.191 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://tr.outbrain.com/unifiedPixel?marketerId=0037bfe3aa65d755d91de3ef30ea3af84a&obApiVersion=1.0-gtm&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2F&optOut=false&bust=096605449077136 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 02 Oct 2021 21:20:34 GMT Cache-Control no-cache X-TraceId 053f0283877f04a2cc60edbd87bf6bdb content-encoding gzip Content-Length 60 Content-Type image/gif;
GET H2	200	638202162930393 Show response connect.facebook.net/signals/config/	490 KB 143 KB	60ms 60ms	Script application/x-javascript	157.240.236.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/638202162930393?v=2.9.47&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-frx5.fbcdn.net Software / Resource Hash 99be38495b1153326f01245e1b2d92ad044c407ec03eb03fabb86b1a7e03a408 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug 5XaUoIPiHr5jo1jHrVaTc5u1CY137/iIEesjgBvEHvlInnHc3XJxYN4euruNC1A35IJ1GlP3/Enica21H4FZfA== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sat, 02 Oct 2021 21:20:33 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	get_dynamic_configuration Show response api.livechatinc.com/v3.3/customer/action/	240 B 456 B	403ms 381ms	Script application/javascript	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13012263&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2F&channel_type=code&jsonp=__eytznu1awyj Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software / Resource Hash b9fc2d6d2da11416e234daae67dcbe6170620b837cdbf3d201fe0b5d5c2b84ca Security Headers Name Value Content-Security-Policy frame-ancestors https://client-retention.canadianvisa.org/; X-Frame-Options allow-from https://client-retention.canadianvisa.org/ Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy frame-ancestors https://client-retention.canadianvisa.org/; x-frame-options allow-from https://client-retention.canadianvisa.org/ date Sat, 02 Oct 2021 21:20:34 GMT content-length 240 vary Accept-Encoding content-type application/javascript; charset=UTF-8
POST H2	200	collect Show response stats.g.doubleclick.net/j/	8 B 479 B	42ms 14ms	XHR text/plain	173.194.76.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-60594623-1&cid=1261052997.1633209634&jid=1988288075&gjid=877875648&_gid=2132728760.1633209634&_u=YGBAgEABAAAAAE~&z=1313410585 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.76.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ws-in-f154.1e100.net Software Golfe2 / Resource Hash 6fbd53e269f146bd140e2da7314ee55256cb49c75f0d9d670f439eb91bd45807 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://client-retention.canadianvisa.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 02 Oct 2021 21:20:33 GMT content-type text/plain access-control-allow-origin https://client-retention.canadianvisa.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 7ms	Image image/gif	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j93&a=586628909&t=pageview&_s=1&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&ul=en-us&de=UTF-8&dt=Dashboard%20-%20Canadian%20visa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1988288075&gjid=877875648&cid=1261052997.1633209634&tid=UA-60594623-1&_gid=2132728760.1633209634&gtm=2wg9r0PTTXXK2&cd6=&cd16=&cd18=&cd19=&z=1258526878 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 01 Oct 2021 22:39:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 81684 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	10159335.json Show response s.yimg.com/wi/config/	2 B 486 B	117ms 105ms	XHR application/json	87.248.118.23 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/config/10159335.json Requested by Host: s.yimg.com URL: https://s.yimg.com/wi/ytc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS e2.ycpi.vip.deb.yahoo.com Software ATS / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:33 GMT content-encoding gzip x-content-type-options nosniff age 0 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding x-amz-request-id XDAYDZ7BYGZWWQ7B x-amz-id-2 4NV4TIu6ZmXFsR60dVhQWkcmdC0cQvQ4Vf+/doN/yW1cmT/k1xKmEuLnBMU5PEvykLjKCTbsBlw= referrer-policy no-referrer-when-downgrade server ATS expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 access-control-allow-methods GET content-type application/json access-control-allow-origin * x-xss-protection 1; mode=block cache-control public,max-age=3600 content-length 22
GET H2	200	box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response vars.hotjar.com/ Frame 3E98	2 KB 1 KB	95ms 7ms	Document text/html	143.204.209.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1957728.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.209.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-209-94.fra53.r.cloudfront.net Software / Resource Hash 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987 Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-dfc01efbdc94bb0936d9a35a502b0b64.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://client-retention.canadianvisa.org/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ Response headers content-type text/html content-length 1044 date Tue, 20 Jul 2021 13:05:05 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "10714b84569172431728622d7c8098e4" last-modified Tue, 20 Jul 2021 13:04:43 GMT x-amz-server-side-encryption AES256 x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id S_nr13xn6ccOyyNLVTLqhQ2TQwo-k8Mf8MeHJjaNdeU8PaJfEXn4eQ== age 6423328
GET H2	200	ga-audiences www.google.com/ads/	42 B 522 B	43ms 18ms	Image image/gif	142.250.185.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-60594623-1&cid=1261052997.1633209634&jid=1988288075&_u=YGBAgEABAAAAAE~&z=949250181 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 02 Oct 2021 21:20:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com.tr/ads/	42 B 522 B	60ms 25ms	Image image/gif	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.tr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-60594623-1&cid=1261052997.1633209634&jid=1988288075&_u=YGBAgEABAAAAAE~&z=949250181 Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 02 Oct 2021 21:20:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 313 B	24ms 7ms	Image image/gif	157.240.236.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=638202162930393&ev=PageView&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&rl=&if=false&ts=1633209633932&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633209633931.1471621874&it=1633209633817&coo=false&exp=p1&rqm=GET Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-frx5.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:33 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sat, 02 Oct 2021 21:20:33 GMT
GET H/1.1	200 OK	sp.pl sp.analytics.yahoo.com/	43 B 962 B	125ms 37ms	Image image/gif	212.82.100.181 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2002%20Oct%202021%2021%3A20%3A33%20GMT&n=0&b=Dashboard%20-%20Canadian%20visa&.yp=10159335&f=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&enc=UTF-8&yv=1.10.1&tagmgr=gtm Requested by Host: client-retention.canadianvisa.org URL: https://client-retention.canadianvisa.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spdc.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 02 Oct 2021 21:20:34 GMT X-Content-Type-Options nosniff Age 0 Connection keep-alive Content-Length 43 X-XSS-Protection 1; mode=block Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Server ATS X-Frame-Options DENY Expect-CT max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" Strict-Transport-Security max-age=31536000 Content-Type image/gif Cache-Control no-cache, private, must-revalidate Accept-Ranges bytes Expires Sat, 02 Oct 2021 21:20:34 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1957728/	146 B 323 B	110ms 41ms	XHR application/json	54.76.144.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1957728/visit-data?sv=6 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.144.107 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-144-107.eu-west-1.compute.amazonaws.com Software / Resource Hash ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36 Request headers Referer https://client-retention.canadianvisa.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Sat, 02 Oct 2021 21:20:34 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	get_configuration Show response api.livechatinc.com/v3.3/customer/action/	4 KB 1 KB	153ms 153ms	Script application/javascript	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13012263&version=110.2.2.261.432.70.38.3.1.1.1.6&group_id=2&jsonp=__lc_static_config Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software / Resource Hash 56b0b145007bca2b4b367078db9feb8873c84fafd2157df2139cd5e31fd5809d Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:34 GMT content-encoding gzip cache-control public, max-age=600 content-type application/javascript; charset=UTF-8 content-length 1263 vary Accept-Encoding expires Sat, 02 Oct 2021 21:30:34 GMT
GET H2	200	open_chat Show response secure.livechatinc.com/customer/action/ Frame 3B54	4 KB 2 KB	155ms 140ms	Document text/html	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0 Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software / Resource Hash 1e0ae1246e87acbd11e3eb00d054b01872574a447c3deee41253690ff03240c2 Request headers :method GET :authority secure.livechatinc.com :scheme https :path /customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://client-retention.canadianvisa.org/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ Response headers content-encoding gzip content-type text/html; charset=utf-8 vary Accept-Encoding content-length 1997 expires Sat, 02 Oct 2021 21:20:34 GMT cache-control max-age=0, no-cache, no-store pragma no-cache date Sat, 02 Oct 2021 21:20:34 GMT
GET H2	200	get_localization Show response api.livechatinc.com/v3.3/customer/action/	11 KB 4 KB	138ms 137ms	Script application/javascript	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13012263&version=ae864b109b85f5ea248e52050fc10cfd_2b6be7f633891d681bc75ccb95dc1568&language=en&group_id=2&jsonp=__lc_localization Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software / Resource Hash a07fd536ceaf4de60778e6210ab77f785d8892b948ff1cd61128673faa3faee6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:34 GMT cache-control public, max-age=600 content-type application/javascript; charset=UTF-8 content-encoding gzip content-length 3900 vary Accept-Encoding expires Sat, 02 Oct 2021 21:30:34 GMT
GET H3	200	css fonts.googleapis.com/ Frame 3B54	5 KB 711 B	32ms 17ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 02 Oct 2021 20:32:06 GMT server ESF date Sat, 02 Oct 2021 21:20:34 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sat, 02 Oct 2021 21:20:34 GMT
GET H2	200	0.62bfa686.chunk.js Show response cdn.livechatinc.com/widget/static/js/ Frame 3B54	209 KB 65 KB	7ms 6ms	Script application/javascript	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/widget/static/js/0.62bfa686.chunk.js Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 8f9c98660328c2de1162301940b5c0536e9057da62dd7b3fc86761a7c6386afa Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id eVXHIMEx6abAnlP1hKeqGR46266Rwd8. content-encoding br last-modified Wed, 29 Sep 2021 09:18:26 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 etag W/"22193b75239eab7b0a2db54cf546f57a" vary Accept-Encoding x-edge-origin-shield-skipped 0 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 date Sat, 02 Oct 2021 21:20:34 GMT content-length 66001 x-amz-cf-id S4zveY5sUM0R3f6y8gcmdJu1Pq-o64d9d5L3TcV7O0aK0xYV3V0VUA== expires Sun, 02 Oct 2022 21:20:34 GMT
GET H2	200	3.feadd832.chunk.js Show response cdn.livechatinc.com/widget/static/js/ Frame 3B54	170 KB 48 KB	13ms 13ms	Script application/javascript	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/widget/static/js/3.feadd832.chunk.js Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c501464c903e59f10ee3766258e94a9cd002394d86ca4b3294c6c89289a012e6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id _7CRhUChXejkdTibh0OvZFo006jyHbXB content-encoding br last-modified Wed, 29 Sep 2021 09:18:26 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag W/"b96d7377701d1e2e313a01e01b4f4d16" vary Accept-Encoding x-edge-origin-shield-skipped 0 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 date Sat, 02 Oct 2021 21:20:34 GMT content-length 48483 x-amz-cf-id mife28pKjLWgsdiBWZ3938Dx9jTziUKPxbvg8tKiBDCNDhc4Ly03xQ== expires Sun, 02 Oct 2022 21:20:34 GMT
GET H2	200	iframe.cbad4294.chunk.js Show response cdn.livechatinc.com/widget/static/js/ Frame 3B54	444 KB 121 KB	15ms 15ms	Script application/javascript	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/widget/static/js/iframe.cbad4294.chunk.js Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 4de4aead3f795a4f6d70caa31c64cbc8e503e2504e1fc9ac88358632037a8b53 Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id ADwnSTHgLnC3Zn1v7xoeX8RF3w6O_6hP content-encoding br last-modified Wed, 29 Sep 2021 09:18:27 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"f9f592c776461c5fe0207431e359c7b7" vary Accept-Encoding x-edge-origin-shield-skipped 0 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 date Sat, 02 Oct 2021 21:20:34 GMT content-length 123690 x-amz-cf-id WFu8tugwLXdcqPlCo4NY_5DMu8JBdIdUlsvMTjwYjkF1fS5RbPmYlg== expires Sun, 02 Oct 2022 21:20:34 GMT
GET H3	200	o-0IIpQlx3QUlC5A4PNr5TRA.woff2 fonts.gstatic.com/s/notosans/v21/ Frame 3B54	16 KB 16 KB	22ms 8ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.livechatinc.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 17:44:02 GMT x-content-type-options nosniff age 358592 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16056 x-xss-protection 0 last-modified Tue, 14 Sep 2021 16:44:52 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 28 Sep 2022 17:44:02 GMT
GET H3	200	o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 fonts.gstatic.com/s/notosans/v21/ Frame 3B54	16 KB 16 KB	24ms 10ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.livechatinc.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 17:44:02 GMT x-content-type-options nosniff age 358592 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16180 x-xss-protection 0 last-modified Tue, 14 Sep 2021 16:43:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 28 Sep 2022 17:44:02 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	16ms 7ms	Image image/gif	157.240.236.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=638202162930393&ev=PageView&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&rl=&if=false&ts=1633209634654&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633209633931.1471621874&it=1633209633817&coo=false&exp=p1&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-frx5.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:34 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Sat, 02 Oct 2021 21:20:34 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	37 KB 14 KB	51ms 28ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 3c413e6f30cb2cf3ec2a5f89ba78df10d39d3543a8caa51bbf7465cf79df6c25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:34 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14200 x-xss-protection 0 server cafe etag 4452986139866574171 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 02 Oct 2021 21:20:34 GMT
POST H2	200	token Show response accounts.livechatinc.com/customer/ Frame 3B54	138 B 909 B	267ms 218ms	XHR application/json	2.16.186.211 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.livechatinc.com/customer/token Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/widget/static/js/0.62bfa686.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-211.deploy.static.akamaitechnologies.com Software / Resource Hash 4cf8ffba6a9818e4caa029cbd6c4ba1ed2c49b3a3c92fa096fafa2bec75d20c3 Request headers Referer https://secure.livechatinc.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 02 Oct 2021 21:20:34 GMT access-control-allow-methods GET,PUT,POST,DELETE,PATCH content-type application/json access-control-allow-origin https://secure.livechatinc.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization, X-API-Type, X-Application, X-Region content-length 138 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/873086315/	2 KB 2 KB	70ms 29ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/873086315/?random=1633209634719&cv=9&fst=1633209634719&num=1&label=g9acCJ22yWoQ6_qooAM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&tiba=Dashboard%20-%20Canadian%20visa&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash bce5d56461fd249fb03d8d586eeb79d020d12c9a3ac9bbd1edc17cdc5647fcb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 02 Oct 2021 21:20:34 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1078 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/873086315/	42 B 64 B	36ms 19ms	Image image/gif	142.250.185.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/873086315/?random=1633209634719&cv=9&fst=1633208400000&num=1&label=g9acCJ22yWoQ6_qooAM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&frm=0&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&tiba=Dashboard%20-%20Canadian%20visa&async=1&fmt=3&is_vtc=1&random=2462387509&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 02 Oct 2021 21:20:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com.tr/pagead/1p-user-list/873086315/	42 B 64 B	35ms 20ms	Image image/gif	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.tr/pagead/1p-user-list/873086315/?random=1633209634719&cv=9&fst=1633208400000&num=1&label=g9acCJ22yWoQ6_qooAM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&frm=0&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&tiba=Dashboard%20-%20Canadian%20visa&async=1&fmt=3&is_vtc=1&random=2462387509&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 02 Oct 2021 21:20:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	7ms 7ms	Image image/gif	157.240.236.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=638202162930393&ev=Microdata&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&rl=&if=false&ts=1633209635435&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Dashboard%20-%20Canadian%20visa%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=2&o=30&fbp=fb.1.1633209633931.1471621874&it=1633209633817&coo=false&es=automatic&tm=3&exp=p1&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-frx5.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://client-retention.canadianvisa.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 02 Oct 2021 21:20:35 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Sat, 02 Oct 2021 21:20:35 GMT