www.onlinecorrection.com Open in urlscan Pro
51.222.41.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://onlinecorrection.com/
Effective URL:
https://www.onlinecorrection.com/
Submission: On February 05 via api (February 5th 2024, 9:12:42 am UTC) from US — Scanned from CA

Summary HTTP 79 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 79 HTTP transactions. The main IP is 51.222.41.187, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is www.onlinecorrection.com.
TLS certificate: Issued by R3 on December 25th 2023. Valid for: 3 months.

This is the only time www.onlinecorrection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	51.222.41.187 51.222.41.187	16276 (OVH) (OVH)
2 19	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c06::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c1d::67	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
4	142.251.167.155 142.251.167.155	15169 (GOOGLE) (GOOGLE)
79	12

21 51.222.41.187 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns5002619.ip-51-222-41.net

onlinecorrection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.onlinecorrection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4004:c1d::9b (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::67 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	387 KB
21	onlinecorrection.com 1 redirects onlinecorrection.com www.onlinecorrection.com	69 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	73 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	103 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	107 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
79	8

	Domain	Requested by
20	www.onlinecorrection.com	www.onlinecorrection.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.onlinecorrection.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googleadservices.com	www.onlinecorrection.com
4	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	onlinecorrection.com	1 redirects
79	12

This site contains links to these domains. Also see Links.

Domain
www.germancorrector.com
www.frenchcorrector.com
www.spanishcorrector.com
www.portuguesecorrector.com
www.polishcorrector.com
www.italiancorrector.com
www.russiancorrector.com
www.onlinecorrectie.nl
www.ukrainiancorrection.com
www.arabiccorrection.com
www.esperantokorekto.com
www.chinesecorrection.com

Subject Issuer	Validity	Valid
www.onlinecorrection.com R3	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.onlinecorrection.com/
Frame ID: 4F1F691FD3D3E1919F417E5A2489A5AC
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Frame ID: 2E2D12F9E3B25B438478AF95A45CDAC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&adk=1812271804&adf=3025194257&lmt=1707124358&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707124357582&bpp=4&bdt=745&idt=744&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4358682070242&frm=20&pv=2&ga_vid=1065917681.1707124358&ga_sid=1707124358&ga_hid=2141162993&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C42532264%2C42532524%2C95322434%2C95320378%2C95324155%2C95324160%2C21065725&oid=2&pvsid=3000488173003525&tmod=173883114&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=761
Frame ID: 711731FEFE9AFFB077DE6C0C5CD91BAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1707124358&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707124357586&bpp=2&bdt=748&idt=764&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4358682070242&frm=20&pv=1&ga_vid=1065917681.1707124358&ga_sid=1707124358&ga_hid=2141162993&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C42532264%2C42532524%2C95322434%2C95320378%2C95324155%2C95324160%2C21065725&oid=2&pvsid=3000488173003525&tmod=173883114&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=769
Frame ID: 83A4265D36342070E74F30300AE1596A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 66ECE5739EE30E260350821299C1E6DA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8CE6203D301887930D24792D31455F67
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 58AF29BEF8B5A04FC290621D9C7F446A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 0F0743375155E247DF463DE97AE6C89C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A03389EEBF3D445540A411374322AAF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55263D1EBEDC281A54FEC4337ADC4574
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Text Correction

Page URL History Show full URLs

http://onlinecorrection.com/ HTTP 301
https://www.onlinecorrection.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

97 %
HTTPS

82 %
IPv6

8
Domains

12
Subdomains

12
IPs

2
Countries

873 kB
Transfer

2381 kB
Size

3
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.germancorrector.com/
Title: GermanCorrector.com

Search URL Search Domain Scan URL

URL: https://www.frenchcorrector.com/
Title: FrenchCorrector.com

Search URL Search Domain Scan URL

URL: https://www.spanishcorrector.com/
Title: SpanishCorrector.com

Search URL Search Domain Scan URL

URL: https://www.portuguesecorrector.com/
Title: PortugueseCorrector.com

Search URL Search Domain Scan URL

URL: https://www.polishcorrector.com/
Title: PolishCorrector.com

Search URL Search Domain Scan URL

URL: https://www.italiancorrector.com/
Title: ItalianCorrector.com

Search URL Search Domain Scan URL

URL: https://www.russiancorrector.com/
Title: RussianCorrector.com

Search URL Search Domain Scan URL

URL: https://www.onlinecorrectie.nl/
Title: OnlineCorrectie.nl

Search URL Search Domain Scan URL

URL: https://www.ukrainiancorrection.com/
Title: UkrainianCorrection.com

Search URL Search Domain Scan URL

URL: https://www.arabiccorrection.com/
Title: ArabicCorrection.com

Search URL Search Domain Scan URL

URL: https://www.esperantokorekto.com/
Title: EsperantoKorekto.com

Search URL Search Domain Scan URL

URL: https://www.chinesecorrection.com/
Title: ChineseCorrection.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://onlinecorrection.com/ HTTP 301
https://www.onlinecorrection.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 53

https://googleads.g.doubleclick.net/pagead/adview?ai=CMjvWhqbAZf2DGenXoPMPqP-dgAautMXRddL2-5_KEure0uCyARABIOWy5wpg_cCUgegDoAGlm-SoAcgBCagDAcgDywSqBIkCT9BH_Dp9mfZ6Ug9oEuJUyxG-LIH5GSL5mgoOcg_sLsrSoBNfgsRN2HHMS9yaxowfb5yi-XYeiYDMgM2wPulEJZt-kdeVbDMfN_9Q0PYLK1HilPzSEFpsMML3V9vYbuXGeaYtilXqV5F9oQq4ht9Lal-7BeXgQpG8o9LHZb21hYs1nmgA6CXmQHhcFAinLkKL7yvnkOkEMnW8fUHCUt-JhXWTfmyInKrTRU5BZJ463Fe_xdOMj6CIMOF3WK1jysDY-5mfVboF1eH5hcZ5ngvAZAHEtfRY2IvAoQR_DDc7VSvCqsXs5eZ-tkKH3LMnq1SBBtpdYDwFhUbKtOo2VYg18lLSYaY3b3FklsAEi8CX3MgEiAWK9qbMQJIFBAgEGAGSBQQIBRgEoAYugAfftscpqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQh7IE0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljus-Hn7ZOEA5oJZmh0dHBzOi8vd3d3LmxlbnNjcmFmdGVycy5jb20vbGMtdXMvZXllLWV4YW0_Y2lkPU1NLVNHQV8yMTA2MTYtVVMtRU4tTG9jYWxDYW1wYWlnbi0yMDIyX18mZ2Nsc3JjPWF3LmRzJoAKAcgLAZgMyJq069EE2gwRCgsQ0J79y5aXiN2xARICAQO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTE4NzczNjcyMjY5Mjk5MTcYAA&sigh=T5my0f8A-XY&uach_m=%5BUACH%5D&ase=2&cid=CAQSGwAvHhf_Oj6Wr_t8Q5KFc-sfHgf4lkSLh05tjRgB&template_id=515&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbb6844f9fc2d392d0000000000000000%22,%222%22:%220xf6e94f25ff5975220000000000000000%22,%223%22:%220x7664d250727b159b0000000000000000%22,%224%22:%220x90251319f991abfd0000000000000000%22,%225%22:%220x9fd4bb041e54e9f60000000000000000%22},%22debug_key%22:%229413746678903181674%22,%22debug_reporting%22:true,%22destination%22:%22https://lenscrafters.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22353963429%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210864242637585768817%22}&andc=true

Request Chain 57

https://googleads.g.doubleclick.net/pagead/adview?ai=CWcbThqbAZfPHGZHUoPMPyImHgAKhnY3SdYekxsf9EbCQHxABIOWy5wpg_cCUgegDoAGvtdrhA8gBAakCCxtKdaPsqD6oAwHIA8sEqgT9AU_QxgaPLqogASyn57my1nfNFiHhLfNtToHXaPWJLrYIvv-HUEDLI-E1ussHJ2WQxDNk8eFCBYKG4C-lw86U3bl0YPQ1rs5RISenbQT44tCUr6dtLMJGEF7-fee775kLfk0ovOXYh-138pBEzl34ouaQArZor7IlOjUcFvNSBkt25Ygrk2I57I926p5pJPQDA0b_QiqIXJA_Yyr08bEazZsxm4SwtcVGWgo-3gz4h2wJGx8FiBLgp_H2BjoCHh8lG3JuCsyH8o9Wr01qxWXwhcMAWXub4ikxVpLuQJVQfCneQDEJBPGlCiZfvWKY8v0qyWfxfL_hqP4D3Mg-GMTABOrRta6oBIgFl9OntUySBQQIBBgBkgUECAUYBIAHucqlHqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJqlFNIIHwiAYRABGF8yAooCOgSAQIBASL39wTpY1oXi5-2ThAOaCR1odHRwczovL21hdGhpZnkudHZvbGVhcm4uY29tL4AKAcgLAdoMEQoLEPCx7LCX5vu4ugESAgED2BMNiBQD0BUBmBYBgBcBshccChoIABIUcHViLTE4NzczNjcyMjY5Mjk5MTcYAA&sigh=Krn_ctVKXI4&uach_m=%5BUACH%5D&ase=2&cid=CAQSGwAvHhf_bZpgEZ8QD6fzwUR-hdXnFdm5ZoWV5RgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x971996fa1eecaf3b0000000000000000%22,%222%22:%220x1f5d8407d177f0b10000000000000000%22,%223%22:%220xf0d628d7097300220000000000000000%22,%224%22:%220x57c1289f7af6e79e0000000000000000%22,%225%22:%220x92e8e765a2a7190f0000000000000000%22},%22debug_key%22:%226244309152375131201%22,%22debug_reporting%22:true,%22destination%22:%22https://tvolearn.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221010211503%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226187552936791019985%22}&andc=true

79 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.onlinecorrection.com/
Redirect Chain

http://onlinecorrection.com/
https://www.onlinecorrection.com/

64 KB
16 KB

1337ms
94ms

Document
text/html

51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinecorrection.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5002619.ip-51-222-41.net

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

ad0ecefbe30d710db704935129559a0412d4bb882328bcdd481ecde3c49b94e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 15975
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Feb 2024 09:12:36 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 327
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 05 Feb 2024 09:12:35 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.onlinecorrection.com/
Server: Apache/2.4.41 (Ubuntu)

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 611ms
165ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1877367226929917

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e15530d2456b768a3550d24a7719254def86e222d4be6af69fd55c1e626ab807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Origin: https://www.onlinecorrection.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51513
x-xss-protection: 0
server: cafe
etag: 7566215267614487426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 09:12:37 GMT

GET
H/1.1 200
OK jquery-3.6.0.slim.min.js Show response
www.onlinecorrection.com/res/ 71 KB
24 KB 89ms
89ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/jquery-3.6.0.slim.min.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "11ab4-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24640

GET
H/1.1 200
OK cookies.min.js Show response
www.onlinecorrection.com/res/ 3 KB
1 KB 182ms
78ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/cookies.min.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ab83788139956dd9661b85613bd42b7f43c67908008e021866fd658fece6f4e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a1c-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1125

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
www.onlinecorrection.com/res/ 17 KB
5 KB 262ms
79ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/jquery.tooltipster.min.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4473-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4850

GET
H/1.1 200
OK errormarks.js Show response
www.onlinecorrection.com/res/ 6 KB
2 KB 342ms
89ms Script
application/javascript 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinecorrection.com/res/errormarks.js
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: edbfa34373e25f671ce65739c3249ff1056ee237f0dbcd73723a2d49f35177ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "17e3-60d0250157458-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1864

GET
H/1.1 200
OK logo.png
www.onlinecorrection.com/res/ 800 B
1 KB 77ms
77ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/logo.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b30c03afa602a2e20bc074893f068f8495df07cf9475e1050b94b29e9bcf76fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "320-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 800

GET
H/1.1 200
OK handmadepaper.png
www.onlinecorrection.com/res/ 6 KB
7 KB 78ms
77ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/handmadepaper.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a0e5f8d7a3115b0436ef2935f35fe84696de090d5f88ed5def3df772845e1e30

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1962-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6498

GET
H/1.1 200
OK en.png
www.onlinecorrection.com/res/flags/ 599 B
925 B 147ms
145ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/en.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "257-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 599

GET
H/1.1 200
OK de.png
www.onlinecorrection.com/res/flags/ 545 B
871 B 84ms
82ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/de.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "221-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 545

GET
H/1.1 200
OK fr.png
www.onlinecorrection.com/res/flags/ 545 B
870 B 312ms
78ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/fr.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "221-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 545

GET
H/1.1 200
OK es.png
www.onlinecorrection.com/res/flags/ 469 B
794 B 335ms
82ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/es.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1d5-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 469

GET
H/1.1 200
OK pt.png
www.onlinecorrection.com/res/flags/ 554 B
879 B 147ms
77ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/pt.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ba636f1cb6bfd323dac1fb079cd002b5d486ed5eff54f4c4744b81316b257e96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "22a-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 554

GET
H/1.1 200
OK pl.png
www.onlinecorrection.com/res/flags/ 374 B
699 B 300ms
81ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/pl.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "176-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 374

GET
H/1.1 200
OK it.png
www.onlinecorrection.com/res/flags/ 420 B
745 B 243ms
83ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/it.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1a4-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 420

GET
H/1.1 200
OK ru.png
www.onlinecorrection.com/res/flags/ 420 B
745 B 219ms
77ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/ru.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1a4-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 420

GET
H/1.1 200
OK nl.png
www.onlinecorrection.com/res/flags/ 453 B
778 B 303ms
82ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/nl.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1546928846ee0a8377fd30865d4c43cef501eba7d775d494b98d1ce699627a4a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1c5-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 453

GET
H/1.1 200
OK uk.png
www.onlinecorrection.com/res/flags/ 446 B
771 B 159ms
83ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/uk.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9ae2f204178855c4fdb29ce75a0a1b2588fc3db3a7084d29715876bacd293508

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1be-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 446

GET
H/1.1 200
OK ar.png
www.onlinecorrection.com/res/flags/ 184 B
508 B 225ms
77ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/ar.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6b5601da7eb294ca1f03d3a2fc24137ed78a8db76197b7316fc2ad426a22c49a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "b8-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 184

GET
H/1.1 200
OK eo.png
www.onlinecorrection.com/res/flags/ 2 KB
3 KB 142ms
77ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/eo.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a1529984461958356645c91d7c1c9989c85dd497162f7753ebedb7463a27062e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "951-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2385

GET
H/1.1 200
OK cn.png
www.onlinecorrection.com/res/flags/ 472 B
797 B 221ms
82ms Image
image/png 51.222.41.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecorrection.com/res/flags/cn.png
Requested by: Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.41.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5002619.ip-51-222-41.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7058233b5bdfdd4279e92e9dfe64bd4a61afd7e76d97dba498ce1d5777b92185

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:12:37 GMT
Last-Modified: Thu, 21 Dec 2023 10:10:44 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1d8-60d0250157458"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 472

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 406 KB
138 KB 565ms
185ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1877367226929917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af1ccc44b7a5bcaacca50740cba0cac560b2d662349f096ed4caa2790f416e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140881
x-xss-protection: 0
server: cafe
etag: 11662898176020537217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:12:38 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame 2E2D 9 KB
5 KB 521ms
134ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1877367226929917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 58079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 17:04:39 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 17:04:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7117 192 KB
52 KB 521ms
521ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&adk=1812271804&adf=3025194257&lmt=1707124358&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707124357582&bpp=4&bdt=745&idt=744&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4358682070242&frm=20&pv=2&ga_vid=1065917681.1707124358&ga_sid=1707124358&ga_hid=2141162993&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C42532264%2C42532524%2C95322434%2C95320378%2C95324155%2C95324160%2C21065725&oid=2&pvsid=3000488173003525&tmod=173883114&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=761

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5325d9dcddf2c21e67809dc7917f0d4c0d8c51412d7b8ba86bd6cac0f0ebd9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 53344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:12:38 GMT
expires: Mon, 05 Feb 2024 09:12:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83A4 127 KB
42 KB 563ms
562ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1707124358&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707124357586&bpp=2&bdt=748&idt=764&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4358682070242&frm=20&pv=1&ga_vid=1065917681.1707124358&ga_sid=1707124358&ga_hid=2141162993&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C42532264%2C42532524%2C95322434%2C95320378%2C95324155%2C95324160%2C21065725&oid=2&pvsid=3000488173003525&tmod=173883114&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=769

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93a20a46f7cc4f071d70c8db614b27aaa3f3372d02c621a4b74317a29c1ae242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43336
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:12:38 GMT
expires: Mon, 05 Feb 2024 09:12:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 73134fbfa16854d24caf7cd541ab86d9.js Show response
www.gstatic.com/mysidia/ Frame 83A4 9 KB
4 KB 531ms
139ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1707124358&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707124357586&bpp=2&bdt=748&idt=764&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4358682070242&frm=20&pv=1&ga_vid=1065917681.1707124358&ga_sid=1707124358&ga_hid=2141162993&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C42532264%2C42532524%2C95322434%2C95320378%2C95324155%2C95324160%2C21065725&oid=2&pvsid=3000488173003525&tmod=173883114&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4097
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 12:42:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 May 2024 18:07:57 GMT

GET
H2 200 0a9824a76925f541c4e429981e9065a7.js Show response
www.gstatic.com/mysidia/ Frame 83A4 11 KB
5 KB 529ms
137ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a9824a76925f541c4e429981e9065a7.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4782
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 May 2024 15:45:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 83A4 14 KB
2 KB 518ms
125ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 09:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 09:03:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 09:12:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 83A4 2 KB
903 B 113ms
111ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 13:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 13:11:18 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 165 KB
56 KB 137ms
136ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a74ffb8930de33012a41d17a1a438f27f904fc8eb20647989d005e68ce849df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57038
x-xss-protection: 0
server: cafe
etag: 14516393260403836195
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:12:39 GMT

GET
H2 200 ca-pub-1877367226929917 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 559ms
169ms Script
application/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1877367226929917?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9586f6bbd90606d14a967ab6afccfa47ae5219c238fef97a8e22e392afc632a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hd2BZwKzNM962FqlTvzQUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-hd2BZwKzNM962FqlTvzQUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sOoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLhaD_btI5NoOH78yYmAHiqU3s"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 83A4 23 KB
9 KB 114ms
113ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:55:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 83A4 3 KB
1 KB 113ms
112ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:58:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 83A4 20 KB
9 KB 516ms
135ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:47:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:47:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83A4 205 KB
65 KB 499ms
113ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:12:39 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 83A4 37 KB
15 KB 113ms
112ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 May 2024 08:10:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 66EC 143 B
166 B 109ms
109ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1877367226929917&output=html&h=280&slotname=7191053093&adk=1141583786&adf=1608967346&pi=t.ma~as.7191053093&w=980&fwrn=4&fwrnh=100&lmt=1707124358&rafmt=1&format=980x280&url=https%3A%2F%2Fwww.onlinecorrection.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707124357586&bpp=2&bdt=748&idt=764&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4358682070242&frm=20&pv=1&ga_vid=1065917681.1707124358&ga_sid=1707124358&ga_hid=2141162993&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C42532264%2C42532524%2C95322434%2C95320378%2C95324155%2C95324160%2C21065725&oid=2&pvsid=3000488173003525&tmod=173883114&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=769
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 08:26:11 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 83A4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca593a8430b3b7eee426adfaae280e13dc9d04741566d718b232bc2ce4310c80

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 66EC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

117ms
117ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:12:40 GMT
expires: Mon, 05 Feb 2024 09:12:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:12:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame 8CE6 9 KB
4 KB 109ms
109ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 44750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 20:46:49 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 20:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVeIq8HqBWqBINxGGhZ7pyy35CCixSHo41WZrq4gP7M4H29yBCEyXlFQ-cggDV05V0UbBxR3cCTQw47rRK9_bwZiemWLqkjUSHD4alYN7yWfbhVBP8tMn8DEGzzsEOo-Mv6-vfT_g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 146ms
145ms Script
application/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVeIq8HqBWqBINxGGhZ7pyy35CCixSHo41WZrq4gP7M4H29yBCEyXlFQ-cggDV05V0UbBxR3cCTQw47rRK9_bwZiemWLqkjUSHD4alYN7yWfbhVBP8tMn8DEGzzsEOo-Mv6-vfT_g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTI0MzU5LDc1MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cub25saW5lY29ycmVjdGlvbi5jb20vIixudWxsLFtbOCwiUlVyWkJqa0FPUmsiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMxRcLLibA8mCQ_sI3cuamh_9rJ2tw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c75c55165202ed6c97dfee209d3fcf1ad7f7894716238b8fca73ab93b97ac74

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dwbzTpQbUu1gogaDOtrNRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dwbzTpQbUu1gogaDOtrNRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLhaD_btI5N4MGZud3MAIGVU3s"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 83A4 33 KB
34 KB 529ms
115ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:06:54 GMT
x-content-type-options: nosniff
age: 273946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 05:06:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8CE6 14 KB
1 KB 130ms
129ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 09:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 08:20:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 09:12:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 8CE6 2 KB
856 B 112ms
111ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 13:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 13:11:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 8CE6 23 KB
9 KB 145ms
144ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:55:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 8CE6 3 KB
1 KB 143ms
142ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:58:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 8CE6 20 KB
8 KB 134ms
134ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:47:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:47:49 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 8CE6 225 B
355 B 138ms
137ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 13:13:50 GMT
x-content-type-options: nosniff
server: cafe
age: 71929
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 05 Feb 2024 13:13:50 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CE6 205 KB
65 KB 119ms
118ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:12:39 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 8CE6 37 KB
15 KB 117ms
117ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 May 2024 08:10:36 GMT

GET
H2 200 1036616909501933513
tpc.googlesyndication.com/simgad/ Frame 8CE6 1 KB
2 KB 139ms
139ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1036616909501933513?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8020f79d0ef036ce45e084b379c499366240738b4e7e49bd55979346e6ae8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 04 Feb 2025 06:01:27 GMT
date: Mon, 05 Feb 2024 06:01:27 GMT
x-content-type-options: nosniff
age: 11472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1509
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 13:14:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 8CE6 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8CE6 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8CE6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a64af07404a30e8d84669f920a19acf75c26441746957cfb59696c072c751533

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8CE6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CMjvWhqbAZf2DGenXoPMPqP-dgAautMXRddL2-5_KEure0uCyARABIOWy5wpg_cCUgegDoAGlm-SoAcgBCagDAcgDywSqBIkCT9BH_Dp9mfZ6Ug9oEuJUyxG-LIH5GSL5mgoOcg_sLsrSoBN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbb6844f9fc2d392d0000000000000000%22,%222%22:%220xf6e94f25ff5975220000000000000000%22,%223%22:%220x7664d2...

0
0

477ms
156ms

Fetch
text/css

142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbb6844f9fc2d392d0000000000000000%22,%222%22:%220xf6e94f25ff5975220000000000000000%22,%223%22:%220x7664d250727b159b0000000000000000%22,%224%22:%220x90251319f991abfd0000000000000000%22,%225%22:%220x9fd4bb041e54e9f60000000000000000%22},%22debug_key%22:%229413746678903181674%22,%22debug_reporting%22:true,%22destination%22:%22https://lenscrafters.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22353963429%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210864242637585768817%22}&andc=true

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xbb6844f9fc2d392d0000000000000000","2":"0xf6e94f25ff5975220000000000000000","3":"0x7664d250727b159b0000000000000000","4":"0x90251319f991abfd0000000000000000","5":"0x9fd4bb041e54e9f60000000000000000"},"debug_key":"9413746678903181674","debug_reporting":true,"destination":"https://lenscrafters.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["353963429"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"10864242637585768817"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Feb 2024 09:12:41 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 09:12:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xbb6844f9fc2d392d0000000000000000","2":"0xf6e94f25ff5975220000000000000000","3":"0x7664d250727b159b0000000000000000","4":"0x90251319f991abfd0000000000000000","5":"0x9fd4bb041e54e9f60000000000000000"},"debug_key":"9413746678903181674","debug_reporting":true,"destination":"https://lenscrafters.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["353963429"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"10864242637585768817"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8CE6 33 KB
33 KB 253ms
185ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:06:54 GMT
x-content-type-options: nosniff
age: 273946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 05:06:54 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 58AF 50 KB
19 KB 109ms
109ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: www.onlinecorrection.com
URL: https://www.onlinecorrection.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 16:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 16:44:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 564ms
247ms Preflight
text/html 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 09:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 83A4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWcbThqbAZfPHGZHUoPMPyImHgAKhnY3SdYekxsf9EbCQHxABIOWy5wpg_cCUgegDoAGvtdrhA8gBAakCCxtKdaPsqD6oAwHIA8sEqgT9AU_QxgaPLqogASyn57my1nfNFiHhLfNtToHXaPW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x971996fa1eecaf3b0000000000000000%22,%222%22:%220x1f5d8407d177f0b10000000000000000%22,%223%22:%220xf0d628...

0
0

473ms
155ms

Fetch
text/css

142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x971996fa1eecaf3b0000000000000000%22,%222%22:%220x1f5d8407d177f0b10000000000000000%22,%223%22:%220xf0d628d7097300220000000000000000%22,%224%22:%220x57c1289f7af6e79e0000000000000000%22,%225%22:%220x92e8e765a2a7190f0000000000000000%22},%22debug_key%22:%226244309152375131201%22,%22debug_reporting%22:true,%22destination%22:%22https://tvolearn.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221010211503%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226187552936791019985%22}&andc=true

Protocol

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x971996fa1eecaf3b0000000000000000","2":"0x1f5d8407d177f0b10000000000000000","3":"0xf0d628d7097300220000000000000000","4":"0x57c1289f7af6e79e0000000000000000","5":"0x92e8e765a2a7190f0000000000000000"},"debug_key":"6244309152375131201","debug_reporting":true,"destination":"https://tvolearn.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1010211503"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"6187552936791019985"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Feb 2024 09:12:41 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 09:12:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x971996fa1eecaf3b0000000000000000","2":"0x1f5d8407d177f0b10000000000000000","3":"0xf0d628d7097300220000000000000000","4":"0x57c1289f7af6e79e0000000000000000","5":"0x92e8e765a2a7190f0000000000000000"},"debug_key":"6244309152375131201","debug_reporting":true,"destination":"https://tvolearn.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1010211503"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"6187552936791019985"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 134ms
133ms XHR
application/json 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

232100501a643e64a2cecef987a0ba735f0717acf18e1857ce539af11a716438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12134
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F07 50 KB
19 KB 109ms
109ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 16:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 16:44:44 GMT

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxX_nh7lVcuruRQ53Hjq1yiVrGMONJO1J0W01ZCsXKfj4AtjptinOmLY-Io3VnKpi_EZ6QMCuP-wf8fPwAf0Nkd1ZQ9zWFQqHMK0cjTtEJMW4nt9tshFb7xAJeXIoevtAjrZ3eV90IGy366g3Kh6AXi5ZinhO... 54 B
109 B 138ms
137ms Script
application/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX_nh7lVcuruRQ53Hjq1yiVrGMONJO1J0W01ZCsXKfj4AtjptinOmLY-Io3VnKpi_EZ6QMCuP-wf8fPwAf0Nkd1ZQ9zWFQqHMK0cjTtEJMW4nt9tshFb7xAJeXIoevtAjrZ3eV90IGy366g3Kh6AXi5ZinhOQxJ4tw0JI2aGsTlwbUTGQXMDMMKqAuC/_/aff.htm/samsung_ad./ad_remon_/jitads..name/ads/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxOHLYb6NgJOIaPTH6d9W4NVL5YRw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d2e0d36cd2d080d47ef9bedb268e63a53b366e54e7d05a7cb58413aabe56aa4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ViSlsqeSq9YC8p-lrey3Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ViSlsqeSq9YC8p-lrey3Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLh6DjbtI5N4EbP1NNMAHR_U1s"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 109ms
108ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24657
x-xss-protection: 0
server: cafe
etag: 1770201614985610734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:01:10 GMT

POST
H3 204 AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 612ms
199ms XHR
text/html 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mrfRMT2ilNF9agdL0LjZrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-mrfRMT2ilNF9agdL0LjZrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc3SebVrHJvBi6fcgAMJhIkE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 222ms
221ms Preflight
text/html 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 09:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 113ms
112ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 09:12:40 GMT

POST
H3 204 AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 415ms
134ms XHR
text/html 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nfjfUkf7UMToCiFdAVy7eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-nfjfUkf7UMToCiFdAVy7eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc3SebVrHJrDi3h0jAMcGIg8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A033 13 KB
5 KB 114ms
112ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 23142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 02:46:58 GMT
expires: Tue, 04 Feb 2025 02:46:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5526 829 B
999 B 136ms
135ms Document
text/html 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ca428d6738f094892c558542d1a7f965f0a0c9498cb3ae219c84d439fb41d6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FIiSDFB5x77lkF3RLcZr-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinecorrection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FIiSDFB5x77lkF3RLcZr-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:12:40 GMT
expires: Mon, 05 Feb 2024 09:12:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 474ms
203ms XHR
text/html 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Knle3uzo4S_Gf59t66mzFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Knle3uzo4S_Gf59t66mzFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc3SebVrHJnBj599gAMO-IlA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 473ms
201ms XHR
text/html 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a-uCHL469X0cg5IU91DJPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a-uCHL469X0cg5IU91DJPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc3SebVrHJnDi3e9gAMLFIm8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.onlinecorrection.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUHnRbdKqIc5ppMThOgB9owW46a-ezYyUwOcilsxR1z9deBQsgi0D44JXclA7faen2ikWFyyH3k0LerX9IyI6rR-L1__ofnWX6baY57uxmCyGz9sx_tdy3lsLNMSlXfgknT5dJwMA== Show response
fundingchoicesmessages.google.com/f/ 5 KB
2 KB 150ms
150ms Script
application/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUHnRbdKqIc5ppMThOgB9owW46a-ezYyUwOcilsxR1z9deBQsgi0D44JXclA7faen2ikWFyyH3k0LerX9IyI6rR-L1__ofnWX6baY57uxmCyGz9sx_tdy3lsLNMSlXfgknT5dJwMA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTI0MzYwLDc3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm9ubGluZWNvcnJlY3Rpb24uY29tLyIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bf43e7528b1daf144b9bdaab6e4bed85e35c39efcf877b348c55185742dbe3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kpg6HXza6I9jKvCIVYiVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kpg6HXza6I9jKvCIVYiVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLh6DjbtI5N4MDBpVOYAXuUU1s"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame A033 39 KB
15 KB 110ms
109ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 04:33:01 GMT

POST
H3 204 AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 320ms
205ms XHR
text/html 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zfoHZxTabeRLnvFX7l2MgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zfoHZxTabeRLnvFX7l2MgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc3SebVrHJtDRsT4UAMX3IZE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWFszj9kbb_cG_UMA6g3YtGb3WkUdCXrQk8nOvm5F0LRc0BT3lV5z-xPbpe6ZysT8J1E2KeORNADkc7uiY-RiFpQ6GYzfCQLU4V1hpx_DOkEz5-QWNhXIXuK76k9QB1k6KCTpOE1A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 148ms
148ms Script
application/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWFszj9kbb_cG_UMA6g3YtGb3WkUdCXrQk8nOvm5F0LRc0BT3lV5z-xPbpe6ZysT8J1E2KeORNADkc7uiY-RiFpQ6GYzfCQLU4V1hpx_DOkEz5-QWNhXIXuK76k9QB1k6KCTpOE1A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTI0MzYwLDkyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm9ubGluZWNvcnJlY3Rpb24uY29tLyIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2776289f07bdc66694c33b9a767eb6502fdfbda75b94689e53e4e3683eb39b7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9ql0qM5m4hFxxMX_EnQgFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9ql0qM5m4hFxxMX_EnQgFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLm6DzbtI5N4MDhpYwAK4NSzA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5526 0
0 169ms
168ms Image
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=3000488173003525&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 AGSKWxUZcMD3MLhylxq4mLy4vuMylPzmX1AI8JdFjRKf4bmdpsR33Drit3LvrL36ItLAw3Rth9hqVs84fF5OBJJBE5MxxpEmaWPRHQbLClyohvoRLHjGtWYU4o02R_vh57NBdmWOZKgJ8Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 146ms
146ms Script
application/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUZcMD3MLhylxq4mLy4vuMylPzmX1AI8JdFjRKf4bmdpsR33Drit3LvrL36ItLAw3Rth9hqVs84fF5OBJJBE5MxxpEmaWPRHQbLClyohvoRLHjGtWYU4o02R_vh57NBdmWOZKgJ8Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTI0MzYxLDg4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3d3dy5vbmxpbmVjb3JyZWN0aW9uLmNvbS8iLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f249061b4aa444ece98005321ab87b7be6f1a0c492e926d30bf48f639a3b54e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vMV-9JxnUwNrpjBHCn34OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-vMV-9JxnUwNrpjBHCn34OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLm6DzbtI5NoOHgEj8AI9tSzQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A033 0
10 B 112ms
111ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CDm1Tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CE6 42 B
64 B 172ms
172ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxjmc68Ng48vT_DH4DTODehFIFJdDUc6brPi7mXn3g59cG_wYwWfm1D9T6ZYD48AEfkVnf6oVbMUMqMomwZ7zV4dFDJ90euaDAhmmbQL1gz-Pi18EvvUiGa30EQkD_Y1hik4q90w_igP-nJE-xWnVFr1onRKeiRTw9TgOJZi9QCYWu7uq-1rRTbP2XqK9VnjSxbwqy9FYzH24MpxVV9oSjUgQIbcdlo4qSFwSvRJ8Rj-hCQdmCvwTc_MC0xaUOAVTBGNd-cAZ7Oguk2zIq_qAu84XCg_wzcJkN0H7hPKOE_eKH_k73777Y0q8kdXKbp88RlcW5T4GTXg1uG13QQwfGOgF1KLB5cglbJ4OPE8wD0hFt6wAkStX5KsyESlAoQvy9ui7hDrnej2hHJzTCbY6HACM5IeGco4hA9HgHlL-w3AQRP-AURPiDovaRSdsO4uPbyGe9hu210L1zNJJ8iH4B5LXSXd4ib6F6TI9m7Ylw5ePkc8R9n1S5PQB_vBlWDaqAHtfBiRU1qZGpBt42NBz4tgpkVsAFou7E5k1cEc1je6aHzxVI37bqKL25Rz_GUSsrAvC_ugT_yQiC2YSljJE2V6OSkcXL7SeTBAbolDOX5mvh3hBYJsAxXko-DL6Z85d9XQQp-Eyr_VZGhwr5c1cD_mJ3MEaZ409_TEgZ6QE4_1-6ee81yNNJ8SAIP3pTJJyRPtSWXTVcas0m6IvQZZIOnVRpw5qQarh0zPjqybZlxEaReAl4lAHqXqjwZgEyJzcjVV0U92Gofb_eMOMsbeILWmtpuAnGL0O9jME018mQxXbnNUiQPh3V0eMThV0bdD6KJRo7bCvevZIQqEvrNg3_2L0Es7_v4426eI5AH54-d6cjxmy9TOdW2ionKskZdK1SlpEqw-Ar3ojGf5gecyvuuhL2i3n48HJIUl3h4q37nBa4WFqxZNHQ9zGp9su50_68C5rU5BeUyjIuuO1ZzWxEmCp5uzOZlYocCPzhrSarZJvvSgBDtvf23X0AkLnhVdwdWpJ0VglyecL7EVWsZ0SZ-hCkCV5qcp_g0KbkTO9PknrWouT_JLRuR893FRlqK4tbGRzSvxu0BySUkOqzT5Gglb4wueQoz34E95RBWhxfShygvK1Uk9NVVKX8iTz7p9n682PKSKTBhv2c2OswwHlmJGF6g6oxP4ZViySBtzM3r0GDQ_ezu3H7J3lO4v-uUanfXlgarALUaZjyCZRsvk1wJmBxljUtghNFaOTSR4YaXyPyy8QeMqB5pwyHvDvjB12DF3FI5Qnns8-LuOmLIjBrGSpSJFBhELWo2HTbeRCpXmSEKMWp16lu-Ec3ltA6THo918aY7ISC5qs8QoOXY-yeOd0OMtkYxRC4qnKxunFhvKQi6p5Xh-nFIf0_U0CdUwEUq-A&sai=AMfl-YSFyUdcNGViM-OXBfwBKrpVaX_xKHnvAk9BtwnDdXfu2DmLXCG8W2SoubWj040GE6_upfeSICFIqJeBHVZ-UmVR5MrcS-73sA&sig=Cg0ArKJSzE-5wQgGbHkUEAE&cid=CAQSGwAvHhf_Oj6Wr_t8Q5KFc-sfHgf4lkSLh05tjRgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=79,768,1001,1035,1035&tos=79,689,233,34,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=305716000&rst=1707124359740&rpt=374&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 09:12:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUFzMrpmg-RuTKX9CkrZU_qNQdu67xrkwQ3RyLZE6ADsE75ypIbhyM3Z9MWZnk81WxmnoEUNklszU9zSDGn-zVF0NelM9EItGVe_a1Sia13wL3TaPRuktHsgZqv6Dlg9tSYoRrD6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 136ms
136ms XHR
text/html 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUFzMrpmg-RuTKX9CkrZU_qNQdu67xrkwQ3RyLZE6ADsE75ypIbhyM3Z9MWZnk81WxmnoEUNklszU9zSDGn-zVF0NelM9EItGVe_a1Sia13wL3TaPRuktHsgZqv6Dlg9tSYoRrD6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HCyEWZ7rT9iAJTqNqaWR7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-HCyEWZ7rT9iAJTqNqaWR7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcHSebVrHJrChc9IERgDlJSHQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.onlinecorrection.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 200ms
200ms XHR
text/html 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqTXItpfwPQWOWvLIgE34m8p8Ouyj0FgG7X3hpZPy07WEsfbs39FGvfRjYM13GnNFg8b2BnIkYRZOrsNvTR3vydYZkBDGSCq4CohG9DV0fMWUPm2pJS2sZ6wckdsKKC_sQXS_kQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0KINpvrUTHPujaJ-yKuRJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecorrection.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 09:12:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0KINpvrUTHPujaJ-yKuRJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcHSebVrHJrDgxN8NjADpViKQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.onlinecorrection.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83A4 42 B
64 B 230ms
230ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOqcMw6uAnWKPi_XAOopuXJEFmc2i3YFOD22NXbWOzbWevPB1Ma-8r9C09N-jyjIYHHqA1CmkQakTpg7H64JF-hHIHBbq4XfzNG55PrCmQt6hAp3RmxwaVq4MjJfhaMHSyYggWjraoXLpDVtcCgzUO8rA_&sai=AMfl-YTaxklwC4zlP7ZK7GKfloZt2A4I--QC_28oR_ZLjpQMAZ4igd5exMIHfkS5ZEhO44jzcmT9qz9wocfp&sig=Cg0ArKJSzCBEO5Kz-MwFEAE&cid=CAQSGwAvHhf_bZpgEZ8QD6fzwUR-hdXnFdm5ZoWV5RgB&id=lidar2&mcvt=1001&p=0,0,280,980&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1141583786&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=305715900&rst=1707124358356&rpt=2095&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 09:12:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 171ms
170ms Image
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=3000488173003525&bg=!DA-lD0DNAAa8BdJLnAU7ADQBe5WfOD-mKU1cmpv3pCA4zb6L1ld-OfgN2vh3JOxI-izdc3GlYFCFM2Bbr-MMc_4PxA1TAgAAAF5SAAAAB2gBBwoAUBOULuZxz0tn4S8ssIxfYapQsdOVseaXaguK-xfZEAP35IhutqB02RlwBw7HQCJOvmfz9CGgP6jMwkFKUJ0FCeze8O0kpASIILQITL3YFCpKmQLI4MAEfX0Wz0LsC9mP67iqEHwabP2V4QgmSAJJnAqqdHpMfV_mwHT11moF9soHg-uNHBQEGYsS4Aot2RZb7x7-3P_3xf26Bl-ohr7uO0D_MhzkNg2D2wbuDHOF46xPTR_pogVvZeYfpyXQm6d6EkV_R9aWIrJVNkeNTaSCoQbozZVH7gCK_j72bug5A3-Zgw3jLz8s1XQFZErPVmcMRSWTekVTWo1IggJ55R9M5VGa79RsKz4ctUtvbCQw0IeguMxC4oD_LC3raor1dxlNB7Rcss2xf4ZpalOBcbYVcO0W7ePtx6B-ocGt_P9VenJxRKZWNOkNZkaDol0WUMd3L5zIZjak09exX6JgZ_mzMa6kx6AmVLtDP6kY8eYEItcynCfhUGn1R4NqQe1uxsHFVd7ZT9x9hCxYYrg_WjDqRofaQBLWO7a22pJyKJkgkfTW9pYQWoYxlHN96sY5WHyEAPS0XoP2JBX18CDVSsFuy8Neku-XTwokKorso1K5LjH-bHeCEq04hbCG33utvRcM5z4iTdTB9OATQzmCCZwapNBDJYgRBvbySAI-uvYL8FoHOTTuMauxmZeiZiMwWG5xizQu_dZ-7P02Klo83GRabRi5O5VEHif5RmLn0Gz5X38kikoiUHVIhsnEukpBbBu1afPvkUPvWFQauVbK4UjuRz65dWTLMHpEuUCzlt6-kPMBLJLL2jlTT7AtYXykIf7gCGcnBcyuWqq-uGNgmWf53_L70svuZArbUZK48_1wf_htYTJ2kKysTqd6omisN45hKvmWZ0Q3nGQbtgYf3up5ZVOXToX50VY5RU7JdlyxWVQhkvn2bO6wEJffJlJnRhuHMVEDaMzcZ-tIUFoLbbF9pzdkz882hv3th41wXrdaobUodXk2SaRMjl21pot8Df2vL-Jy-7BGJPjfh246j9zgY24pEdnf0M_YxvU6rA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.onlinecorrection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlinecorrection.com/	1970-01-20 22:31:16	Name: __eoi Value: ID=f8e96fe2255ff1f0:T=1707124358:RT=1707124358:S=AA-AfjYlDmdsssxpEmdKELKYAWl6
.doubleclick.net/	1970-01-21 03:48:04	Name: IDE Value: AHWqTUn1RHKXpkS0WxWLV8yZHdiJWB-ER5Vr4u0Q9RbtyZ0bNn57uBlRO573cTHit5Q
.doubleclick.net/	1970-01-20 18:12:07	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
onlinecorrection.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.onlinecorrection.com
142.251.167.155
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::84
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1d::67
2607:f8b0:4004:c1d::9a
2607:f8b0:4004:c1d::9b
51.222.41.187
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0d2e0d36cd2d080d47ef9bedb268e63a53b366e54e7d05a7cb58413aabe56aa4
1546928846ee0a8377fd30865d4c43cef501eba7d775d494b98d1ce699627a4a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
232100501a643e64a2cecef987a0ba735f0717acf18e1857ce539af11a716438
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f
373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4c75c55165202ed6c97dfee209d3fcf1ad7f7894716238b8fca73ab93b97ac74
5325d9dcddf2c21e67809dc7917f0d4c0d8c51412d7b8ba86bd6cac0f0ebd9eb
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5ca428d6738f094892c558542d1a7f965f0a0c9498cb3ae219c84d439fb41d6e
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b5601da7eb294ca1f03d3a2fc24137ed78a8db76197b7316fc2ad426a22c49a
7058233b5bdfdd4279e92e9dfe64bd4a61afd7e76d97dba498ce1d5777b92185
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8a74ffb8930de33012a41d17a1a438f27f904fc8eb20647989d005e68ce849df
93a20a46f7cc4f071d70c8db614b27aaa3f3372d02c621a4b74317a29c1ae242
9586f6bbd90606d14a967ab6afccfa47ae5219c238fef97a8e22e392afc632a5
95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a
9ae2f204178855c4fdb29ce75a0a1b2588fc3db3a7084d29715876bacd293508
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9f249061b4aa444ece98005321ab87b7be6f1a0c492e926d30bf48f639a3b54e
a0e5f8d7a3115b0436ef2935f35fe84696de090d5f88ed5def3df772845e1e30
a1529984461958356645c91d7c1c9989c85dd497162f7753ebedb7463a27062e
a64af07404a30e8d84669f920a19acf75c26441746957cfb59696c072c751533
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab83788139956dd9661b85613bd42b7f43c67908008e021866fd658fece6f4e9
ad0ecefbe30d710db704935129559a0412d4bb882328bcdd481ecde3c49b94e0
af1ccc44b7a5bcaacca50740cba0cac560b2d662349f096ed4caa2790f416e60
b2776289f07bdc66694c33b9a767eb6502fdfbda75b94689e53e4e3683eb39b7
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
b30c03afa602a2e20bc074893f068f8495df07cf9475e1050b94b29e9bcf76fa
ba636f1cb6bfd323dac1fb079cd002b5d486ed5eff54f4c4744b81316b257e96
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94
c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c
ca593a8430b3b7eee426adfaae280e13dc9d04741566d718b232bc2ce4310c80
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
d8020f79d0ef036ce45e084b379c499366240738b4e7e49bd55979346e6ae8d1
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
e15530d2456b768a3550d24a7719254def86e222d4be6af69fd55c1e626ab807
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
edbfa34373e25f671ce65739c3249ff1056ee237f0dbcd73723a2d49f35177ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7bf43e7528b1daf144b9bdaab6e4bed85e35c39efcf877b348c55185742dbe3

www.onlinecorrection.com Open in urlscan Pro 51.222.41.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

97 %HTTPS

82 %IPv6

8 Domains

12 Subdomains

12 IPs

2 Countries

873 kBTransfer

2381 kBSize

3 Cookies

12 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onlinecorrection.com Open in urlscan Pro
51.222.41.187 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

97 %
HTTPS

82 %
IPv6

8
Domains

12
Subdomains

12
IPs

2
Countries

873 kB
Transfer

2381 kB
Size

3
Cookies

79 HTTP transactions
4 data transactions