urlscan.io logo urlscan.io
SecurityTrails logo

www.nosorigines.qc.ca Open in urlscan Pro
64.254.247.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ourorigins.org/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en
Effective URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Submission: On December 12 via api from AU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 2 countries across 18 domains to perform 134 HTTP transactions. The main IP is 64.254.247.158, located in Hampstead, Canada and belongs to MTO, CA. The main domain is www.nosorigines.qc.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 1st 2023. Valid for: a year.
This is the only time www.nosorigines.qc.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 64.254.247.158 21548 (MTO)
24 142.251.167.155 15169 (GOOGLE)
1 3 172.253.63.97 15169 (GOOGLE)
5 142.251.111.101 15169 (GOOGLE)
1 21 172.253.122.155 15169 (GOOGLE)
25 172.253.122.132 15169 (GOOGLE)
14 142.251.167.139 15169 (GOOGLE)
1 142.251.163.148 15169 (GOOGLE)
2 172.253.122.84 15169 (GOOGLE)
5 142.251.163.149 15169 (GOOGLE)
1 172.253.62.94 15169 (GOOGLE)
3 142.251.16.95 15169 (GOOGLE)
4 142.251.16.94 15169 (GOOGLE)
2 99.84.108.106 16509 (AMAZON-02)
5 6 35.169.53.134 14618 (AMAZON-AES)
2 199.250.166.129 26459 (TTD-ASN-01)
2 18.67.60.119 16509 (AMAZON-02)
1 1 23.219.12.236 16625 (AKAMAI-AS)
1 1 52.223.40.198 16509 (AMAZON-02)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 142.251.16.156 15169 (GOOGLE)
1 2 172.253.63.147 15169 (GOOGLE)
3 142.251.163.94 15169 (GOOGLE)
2 172.253.115.156 15169 (GOOGLE)
1 142.251.163.155 15169 (GOOGLE)
6 18.160.46.96 16509 (AMAZON-02)
134 25
5    64.254.247.158 (Hampstead, Canada)

ASN21548 (MTO, CA)
PTR: ip64-254-247-158.dotcom.qc.ca
ourorigins.org
www.nosorigines.qc.ca
24    142.251.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net
pagead2.googlesyndication.com
3    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
ssl.google-analytics.com
5    142.251.111.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f101.1e100.net
apis.google.com
21    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
25    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
tpc.googlesyndication.com
14    142.251.167.139 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f139.1e100.net
fundingchoicesmessages.google.com
1    142.251.163.148 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f148.1e100.net
ad.doubleclick.net
2    172.253.122.84 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f84.1e100.net
accounts.google.com
5    142.251.163.149 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net
s0.2mdn.net
1    172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net
ssl.gstatic.com
3    142.251.16.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f95.1e100.net
fonts.googleapis.com
4    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
www.gstatic.com
2    99.84.108.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-106.iad79.r.cloudfront.net
choices.truste.com
6    35.169.53.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-53-134.compute-1.amazonaws.com
cs.choozle.com
2    199.250.166.129 (United States)

ASN26459 (TTD-ASN-01, US)
vae-bid.adsrvr.org
2    18.67.60.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-60-119.iad89.r.cloudfront.net
ad.adsrvr.org
1    23.219.12.236 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-12-236.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
googleads4.g.doubleclick.net
2    172.253.63.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f147.1e100.net
www.google.com
3    142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
2    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
www.googleadservices.com
1    142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
stats.g.doubleclick.net
6    18.160.46.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-96.iad55.r.cloudfront.net
choices.trustarc.com
Apex Domain
Subdomains		 Transfer
49 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
557 KB
23 google.com
apis.google.com — Cisco Umbrella Rank: 116
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
accounts.google.com — Cisco Umbrella Rank: 23
www.google.com — Cisco Umbrella Rank: 2
213 KB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
170 KB
8 gstatic.com
ssl.gstatic.com
www.gstatic.com
fonts.gstatic.com
85 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
416 KB
6 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 875
15 KB
6 choozle.com
cs.choozle.com — Cisco Umbrella Rank: 10891
3 KB
5 adsrvr.org
vae-bid.adsrvr.org — Cisco Umbrella Rank: 2487
ad.adsrvr.org — Cisco Umbrella Rank: 2354
match.adsrvr.org — Cisco Umbrella Rank: 331
259 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
44 KB
4 nosorigines.qc.ca
www.nosorigines.qc.ca
17 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
3 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 587
17 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
857 B
2 truste.com
choices.truste.com — Cisco Umbrella Rank: 890
19 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
295 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
522 B
1 ourorigins.org
ourorigins.org
424 B
134 18
Domain Requested by
25 tpc.googlesyndication.com googleads.g.doubleclick.net
www.nosorigines.qc.ca
tpc.googlesyndication.com
pagead2.googlesyndication.com
24 pagead2.googlesyndication.com www.nosorigines.qc.ca
pagead2.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
www.nosorigines.qc.ca
13 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.nosorigines.qc.ca
8 www.googletagservices.com googleads.g.doubleclick.net
www.googletagservices.com
www.nosorigines.qc.ca
s0.2mdn.net
6 choices.trustarc.com choices.truste.com
www.nosorigines.qc.ca
6 cs.choozle.com 5 redirects googleads.g.doubleclick.net
5 s0.2mdn.net www.nosorigines.qc.ca
s0.2mdn.net
5 apis.google.com www.nosorigines.qc.ca
apis.google.com
accounts.google.com
4 www.gstatic.com googleads.g.doubleclick.net
4 www.nosorigines.qc.ca www.nosorigines.qc.ca
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com googleads.g.doubleclick.net
3 ssl.google-analytics.com 1 redirects www.nosorigines.qc.ca
2 www.googleadservices.com www.nosorigines.qc.ca
2 www.google.com 1 redirects tpc.googlesyndication.com
2 googleads4.g.doubleclick.net www.nosorigines.qc.ca
2 idsync.rlcdn.com 2 redirects
2 ad.adsrvr.org www.nosorigines.qc.ca
2 vae-bid.adsrvr.org www.nosorigines.qc.ca
2 choices.truste.com www.nosorigines.qc.ca
2 accounts.google.com apis.google.com
www.nosorigines.qc.ca
1 stats.g.doubleclick.net www.nosorigines.qc.ca
1 us-u.openx.net googleads.g.doubleclick.net
1 match.adsrvr.org 1 redirects
1 tags.bluekai.com 1 redirects
1 ssl.gstatic.com accounts.google.com
1 ad.doubleclick.net www.googletagservices.com
1 ourorigins.org 1 redirects
134 29

This site contains no links.

Subject Issuer Validity Valid
nosorigines.qc.ca
Sectigo RSA Domain Validation Secure Server CA		 2023-10-01 -
2024-10-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.truste.com
Amazon RSA 2048 M02		 2023-11-18 -
2024-12-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 22 frames:

Primary Page: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Frame ID: 7DCA67C1DFB62CFB4D3C9754BEE5256A
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 51CD74897D18E2D4CB99069EEDD05C9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: B3513B61DE34AE2180DE99CE5C3CC911
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Frame ID: 5F40920E52B5513E3249BE858DA8F4F9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&adk=1812271804&adf=3025194257&lmt=1702390854&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854283&bpp=4&bdt=532&idt=180&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90&nras=1&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=188
Frame ID: 8810022282EA6D43F5C823F80E179F96
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=small&annotation=inline&width=120&origin=https%3A%2F%2Fwww.nosorigines.qc.ca&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Frame ID: F3E81627197F11017955BB14A88D3191
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.nosorigines.qc.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Frame ID: 8A7364F80210D6D1D3389490AFE65AB6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F53EFB17C69D104205B79E08BC49CC57
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E77F9C4B761B61948089E900BA4CB6F3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AA0FE8D258135FA2B0E0D83AD85CDDCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 98800A6FAC491DEFA78C010704BF2810
Requests: 1 HTTP requests in this frame

Frame: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=7y089j3_zdf9o1w_th6tx9xl&c=tradedesk01cont1&js=pmw0&w=120&h=600&sid=0
Frame ID: B661713EEDDA5CD5D11CB14E2FBB55B0
Requests: 12 HTTP requests in this frame

Frame: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=7y089j3_zdf9o1w_solwogsb&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Frame ID: 9E5FFA6622C5EAD4AE470D195095D22A
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/index.html?ev=01_250
Frame ID: 69BB6738CE1C86022CFF263898400916
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CDM%20Serif%20Display%3A400
Frame ID: EF988C8AED71CAA693F27E09842C51A9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4DBBD24726F28DAF322CBCB4B636A08E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 8A451DAFC6E4818B562839FA6FAC37FF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: BB23365980D67F93B955750881BDD627
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 4DA22C0D7F700378CF971152AEE44932
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD7542384622AD724E751AB57775D164
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D433E80116756797845173BCE57A734
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: A78B2E5554B7FC48F28339AEA0B0562B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Généalogie Famille Leduc

Page URL History Show full URLs

  1. http://ourorigins.org/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en HTTP 302
    https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

134
Requests

96 %
HTTPS

0 %
IPv6

18
Domains

29
Subdomains

25
IPs

2
Countries

1815 kB
Transfer

4710 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ourorigins.org/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en HTTP 302
    https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://cs.choozle.com/sync?acc=jtgh3le HTTP 302
  • https://cs.choozle.com/sync?v=true&cid=985f11d6-b3c8-429c-8c46-d043fb038765
Request Chain 56
  • https://cs.choozle.com/sync?acc=jtgh3le HTTP 302
  • https://cs.choozle.com/sync?v=true&cid=c728465c-22c0-44ac-9f5a-200d3af36c02 HTTP 302
  • https://tags.bluekai.com/site/48443?id=c728465c-22c0-44ac-9f5a-200d3af36c02&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3Dc728465c-22c0-44ac-9f5a-200d3af36c02 HTTP 302
  • https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=c728465c-22c0-44ac-9f5a-200d3af36c02 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_puid=c728465c-22c0-44ac-9f5a-200d3af36c02&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
  • https://cs.choozle.com/sync?pid=5a625654-38ce-40c1-a298-2bec64d075fc&dpsync=ttd&cid=c728465c-22c0-44ac-9f5a-200d3af36c02 HTTP 302
  • https://idsync.rlcdn.com/459489.gif?partner_uid=c728465c-22c0-44ac-9f5a-200d3af36c02 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJGM3Mjg0NjVjLTIyYzAtNDRhYy05ZjVhLTIwMGQzYWYzNmMwMhAAGg0IydjhqwYSBQjoBxAAQgBKAA HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Request Chain 84
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 94
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cgaf4Rmx4ZZGbH7CXxtYP3bSFqAysqZfZc_WOhZuBEqCWgOyQAhABIKSv6Adg_aCZgegDoAGn5LyjA8gBCakCGrwx-nW_qD6oAwHIA8sEqgTIAk_QP-iJ7bZOToKKu4fwP9uNRGGQ7sLyrfl9kbPmaftPLE9IB5pbnzvlODl-_rploI-7EO6wo8DN4g7LpeGPYebikmgrEYVJtVEtOIt8Mw9iqPbsgXWwd85dVxU0bYGm32bt0t5pwPM7rkoohyToDUF-TZsxN1KMdCB4szDROGAkHHVf-ip9Gl65VzBhZr4VxZRfjGypLpUUAwL3zbh351LD_8UYs-YCSUMKwgJHKNX55em7vmRtxBUefh_i9_PvsHnObDPFWN-0c78CagFSs21eFztzUTXTN6q9z6yv0CFcKfoFrIDCwxgxXgXKkLQAHvRVyELInClYDSgoIjoSf-CmkXdEhLVlbjeuL0oM4iUN3KtxPLKaedvW3PYyW6gNn7p7kTfw3UG7Y8veM6w1VPPYCQOwF6d6ROmlpA0DFdM_d3H4i5YJ9sjABLKE0_vHBIgF6cixpAOgBi6AB8Gbw1yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCItBXSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WPaXm5GMioMDmgkdaHR0cHM6Ly93d3cuaGFyZHdvb2RnaWFudC5jYS-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLaDBAKChCQxP_z3uaq5S4SAgEDuBPkA9gTA4gUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NDk4NTMwNzUzMTUwMDU3GAA&sigh=izb9AhED_Zs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN8L4ue8JFGOUKK33fNJnC2sMU2P1llGxaWHPx1bfGO9xTCgW3mIkFp474mPfleRh4ZcNssK_5O6PsiXHwoqWMpsz5wCFzOM7gmJcYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb2a80adb5d641900000000000000000%22,%222%22:%220x37b6d265543e0f180000000000000000%22,%223%22:%220x45c6a849c1b130830000000000000000%22,%224%22:%220x9a47407e267176b10000000000000000%22,%225%22:%220xee23d79d1dc80f200000000000000000%22},%22debug_key%22:%225275470469847640327%22,%22debug_reporting%22:true,%22destination%22:%22https://hardwoodgiant.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879702567%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224818360196303781473%22}&andc=true
Request Chain 105
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=94253133&utmhn=www.nosorigines.qc.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=G%C3%A9n%C3%A9alogie%20Famille%20Leduc&utmhid=720679887&utmr=-&utmp=%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&utmht=1702390856996&utmac=UA-23950381-1&utmcc=__utma%3D1.884091185.1702390857.1702390857.1702390857.1%3B%2B__utmz%3D1.1702390857.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=426235752&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23950381-1&cid=884091185.1702390857&jid=426235752&_v=5.7.2&z=94253133

134 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request genealogielistfirstname.aspx
www.nosorigines.qc.ca/
Redirect Chain
  • http://ourorigins.org/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en
  • https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
41 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.254.247.158 Hampstead, Canada, ASN21548 (MTO, CA),
Reverse DNS
ip64-254-247-158.dotcom.qc.ca
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
13b22ee90db618f5603f2d4067e66b0bb7a731f84f3e8b89d27fd865f9b21301

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
10834
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 14:20:51 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Content-Length
230
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 14:20:51 GMT
Location
https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
genealogie_V10.css
www.nosorigines.qc.ca/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nosorigines.qc.ca/css/genealogie_V10.css
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.254.247.158 Hampstead, Canada, ASN21548 (MTO, CA),
Reverse DNS
ip64-254-247-158.dotcom.qc.ca
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8bfb196d16418c670758ed2da72d89c1f27a9b10173e57f2c3613220ca2102d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 14:20:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 19:53:05 GMT
Server
Microsoft-IIS/8.5
ETag
"8055c776726d71:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15552000
Accept-Ranges
bytes
Content-Length
2353
Genealogie_quebec_drapeau.jpg
www.nosorigines.qc.ca/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nosorigines.qc.ca/images/Genealogie_quebec_drapeau.jpg
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.254.247.158 Hampstead, Canada, ASN21548 (MTO, CA),
Reverse DNS
ip64-254-247-158.dotcom.qc.ca
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8d9cc43d0f68313711ed25518ab432684fa9bc85cf80f4636291fc076144e448

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 14:20:51 GMT
Last-Modified
Wed, 14 Feb 2007 16:02:34 GMT
Server
Microsoft-IIS/8.5
ETag
"1045438a5150c71:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1795
help_fr.gif
www.nosorigines.qc.ca/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nosorigines.qc.ca/images/help_fr.gif
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.254.247.158 Hampstead, Canada, ASN21548 (MTO, CA),
Reverse DNS
ip64-254-247-158.dotcom.qc.ca
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
848eadeaac811e89c632ba55b8abafe2bbc5b57379c9217d1c4b86d3f7fd4b1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 14:20:51 GMT
Last-Modified
Wed, 14 Feb 2007 16:33:26 GMT
Server
Microsoft-IIS/8.5
ETag
"6c53cda5550c71:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1599
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
c5f553379d19a360e27caf7c4758acffd1d3d20a2cd969a703f48c3d3757410b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52031
x-xss-protection
0
server
cafe
etag
1118857649443724286
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:54 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 12:45:04 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5752
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 12 Dec 2023 14:45:04 GMT
plusone.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
sffe /
Resource Hash
c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 14:20:55 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21930
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"b82ec1e6cb6f99ed"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
841319ae9049b53c98cf025660c662a50ff38bab30b20cdafefa40fbc784b68e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137688
x-xss-protection
0
server
cafe
etag
17558467786434048436
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:54 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 51CD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
20389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 08:41:05 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 08:41:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame B351 		50 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
c1369e4073f5f696d0f2a23bfc82dded107a5f8c8dcad2acdcea30c465f8c8a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
18494
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:20:55 GMT
expires
Tue, 12 Dec 2023 14:20:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5F40 		128 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
69acf6f8e4c88758dc488f96381dc52f5941622ef638f9cdfbdd7f091abd05a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43513
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:20:55 GMT
expires
Tue, 12 Dec 2023 14:20:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8810 		340 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&adk=1812271804&adf=3025194257&lmt=1702390854&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854283&bpp=4&bdt=532&idt=180&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90&nras=1&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=188
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
05dfdb9ac572c1e926e255a9cd11e32002ff3e0666315b05a674c29e5abc2b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
60208
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:20:55 GMT
expires
Tue, 12 Dec 2023 14:20:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
dcmads.js
www.googletagservices.com/dcm/ Frame B351 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 12 Dec 2023 14:22:58 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B351 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
ce44d9d3620877fb90e5a0dc690fb51323242adfd601d2d327e623488f94c67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
20389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14395
x-xss-protection
0
server
cafe
etag
62258312933698035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B351 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
44890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B351 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B351 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B351 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
76f8a6988fb87a1da331ef441bf9b1a8e89ddf4cc10c0e8c951799f0d10430d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55995
x-xss-protection
0
server
cafe
etag
9373020513907026230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
ca-pub-9498530753150057
fundingchoicesmessages.google.com/i/ 		181 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9498530753150057?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
b4f88823d8af2a28f9448e147e0890fae5b336e8f2fc323f740040a792c89425
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FfEPPXE3MieMjQRMS61EVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-FfEPPXE3MieMjQRMS61EVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame B351 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 14:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 14:29:18 GMT
B30583481.375831544;dc_ver=99.292;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=1633446665;ord=wyf4ik;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCYcG7Rmx4ZYLAHvjTxtYP36i54Aah3Z...
ad.doubleclick.net/ddm/adj/N636.1508339ADWORDS.COM/ Frame B351 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N636.1508339ADWORDS.COM/B30583481.375831544;dc_ver=99.292;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=1633446665;ord=wyf4ik;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCYcG7Rmx4ZYLAHvjTxtYP36i54Aah3Z_dcMi6gZ_KEWQQASCkr-gHYP2gmYHoA6AB6qWVogLIAQmoAwHIAwKqBM4CT9CDi1DpJYelah_3OyXAnC3J6ERrS3eVZtWQfbneJzduWQL-d_hY45qjdmuIFJfwZ7ylK4dA98PTZxqoREojQsFHoT5EZrrBZ9x3whjVpzlLP8Xx4fAcxfg2FOeO-oSDD8_zmcYS9DNLVWyBQ10hnIpEJm6zV_ZqaI5tjUJxauLHb8YabqC-50d6DhO4RBz77s7YB_LXhyZ22eH0LRSx3pOsQzUpOig3SBteCJBW_sk_AkoVB_GfVg0jQ_uVcpToqpDOWCImEBAjw6Q6mb0OLL6Jz5f7JCRRPqRsDOFHbIXtQT_2_hwtXQZP5vcCos-SFZFQIJ1alYGxvq4w5tDgUiVE57wfCTHmM85xajX4YjwxCwcP8-j7Zd-1XItqXZmoIMgpvSVLnTnwvyESgwUC8seMKwH-XB3MQgnwf9OWRS5o_e2Ds3peank1xrcY38AEypHs9vwDiAXJ0JHDQKAGEYAHmN7_3wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj4v5qRjIqDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEPCntrOMq4rZngESAgEDqg0CQ0HIDQHYEwzQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIgvuakYyKgwMV-KnRBB1fVA5sEAEYASAAEgLWUvD_BwE%26num%3D1%26cid%3DCAQSTgDICaaNgKmY7UBHVxpQY2-uj-Q5zbSsWLO2CiZV4Nkanu8vFDZLxMEqGsxn8rr7EXABsxQeitmIZypv7_1Rq-B1ttCM-mfV2eI4weXwtBgB%26sig%3DAOD64_1s7C9oLVUQ8XlrU9A4EqWl3n2rVw%26client%3Dca-pub-9498530753150057%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.nosorigines.qc.ca%2F$0;xdt=1;crlt=nJ'kWk26z8;stc=1;chaa=1;sttr=58;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f148.1e100.net
Software
cafe /
Resource Hash
0e2cf1a545d99e009f27db52a5a409a13b65c1b85d8603e27382515c47e2b974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32804
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/ 		158 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
sffe /
Resource Hash
5b683a525a2a814b27fc09152ee8030b6d542cd24a61de371bbe5e8815e9d0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55751
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 22:37:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 21:47:16 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
sffe /
Resource Hash
d99dd3891be0d37edbcc13fdaad780f164a758be5d0c8a71f66596e6cda04f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34324
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 22:37:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 03:27:02 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame F3E8 		0
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
postmessageRelay
accounts.google.com/o/oauth2/ Frame 8A73 		565 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.nosorigines.qc.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f84.1e100.net
Software
ESF /
Resource Hash
e10c3d34c087f4ba169402acdf0559ad7d39b66e332977b4ac99a4f2419cfa87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-17e_zwnOWZcrz2Rpg8Vufw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-17e_zwnOWZcrz2Rpg8Vufw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Tue, 12 Dec 2023 14:20:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B351 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 09:38:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame B351 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N636.1508339ADWORDS.COM/B30583481.375831544;dc_ver=99.292;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=1633446665;ord=wyf4ik;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCYcG7Rmx4ZYLAHvjTxtYP36i54Aah3Z_dcMi6gZ_KEWQQASCkr-gHYP2gmYHoA6AB6qWVogLIAQmoAwHIAwKqBM4CT9CDi1DpJYelah_3OyXAnC3J6ERrS3eVZtWQfbneJzduWQL-d_hY45qjdmuIFJfwZ7ylK4dA98PTZxqoREojQsFHoT5EZrrBZ9x3whjVpzlLP8Xx4fAcxfg2FOeO-oSDD8_zmcYS9DNLVWyBQ10hnIpEJm6zV_ZqaI5tjUJxauLHb8YabqC-50d6DhO4RBz77s7YB_LXhyZ22eH0LRSx3pOsQzUpOig3SBteCJBW_sk_AkoVB_GfVg0jQ_uVcpToqpDOWCImEBAjw6Q6mb0OLL6Jz5f7JCRRPqRsDOFHbIXtQT_2_hwtXQZP5vcCos-SFZFQIJ1alYGxvq4w5tDgUiVE57wfCTHmM85xajX4YjwxCwcP8-j7Zd-1XItqXZmoIMgpvSVLnTnwvyESgwUC8seMKwH-XB3MQgnwf9OWRS5o_e2Ds3peank1xrcY38AEypHs9vwDiAXJ0JHDQKAGEYAHmN7_3wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj4v5qRjIqDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEPCntrOMq4rZngESAgEDqg0CQ0HIDQHYEwzQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIgvuakYyKgwMV-KnRBB1fVA5sEAEYASAAEgLWUvD_BwE%26num%3D1%26cid%3DCAQSTgDICaaNgKmY7UBHVxpQY2-uj-Q5zbSsWLO2CiZV4Nkanu8vFDZLxMEqGsxn8rr7EXABsxQeitmIZypv7_1Rq-B1ttCM-mfV2eI4weXwtBgB%26sig%3DAOD64_1s7C9oLVUQ8XlrU9A4EqWl3n2rVw%26client%3Dca-pub-9498530753150057%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.nosorigines.qc.ca%2F$0;xdt=1;crlt=nJ'kWk26z8;stc=1;chaa=1;sttr=58;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:26:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
42881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:26:14 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B351 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 19:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
155846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Dec 2024 19:03:29 GMT
truncated
/ Frame B351 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14484cb4d3933e752f5c1b22a4d37df4f442c08b25274b64c3c9653c50546005

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F53E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
354768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 11:48:07 GMT
expires
Sat, 07 Dec 2024 11:48:07 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/o/ Frame 8A73 		0
230 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f84.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-anoze-kfCqJki5AYhIUVvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.nosorigines.qc.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-anoze-kfCqJki5AYhIUVvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
478691279-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 8A73 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.nosorigines.qc.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5186
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 23:06:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 07:20:27 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 8A73 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.nosorigines.qc.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
sffe /
Resource Hash
0d3c50c1af81534edee9a430edb5d09c6068348173496657982a4546ff2ee231
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 14:20:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7121
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"14543ead6f363f55"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F53E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
27232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 06:47:03 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame E77F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 04:00:38 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 04:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame AA0F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 04:00:38 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 04:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 9880 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 04:00:38 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 04:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVrNXyYOIxMxAx8ORE_U9mTC0wM6I454B44RREs5i5Dnhv2fW4nYg--0zDH0nmX6dYHetY22UL2PwEZB1r6xYw-ZUcyRdHbCP6v7CS45kcuSUfAvSVCFTh6WLj__fV3lCS-1EEgtg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVrNXyYOIxMxAx8ORE_U9mTC0wM6I454B44RREs5i5Dnhv2fW4nYg--0zDH0nmX6dYHetY22UL2PwEZB1r6xYw-ZUcyRdHbCP6v7CS45kcuSUfAvSVCFTh6WLj__fV3lCS-1EEgtg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzkwODU1LDYyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubm9zb3JpZ2luZXMucWMuY2EvZ2VuZWFsb2dpZWxpc3RmaXJzdG5hbWUuYXNweCIsbnVsbCxbWzgsIjhwY2hkVWpMUUw4Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
564dd9853e846c0a24bcfda613ec007a08214f47bba81f8b8e05206d582cdf79
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vcOCYzZcRajhT7_p6cuC4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vcOCYzZcRajhT7_p6cuC4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/ Frame 8A73 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
sffe /
Resource Hash
b1e012aaab4e65462b456ff6a07a6512c7b11d1682d228531d66b132dcf3d364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23431
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 22:37:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 20:00:30 GMT
css2
fonts.googleapis.com/ Frame E77F 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 12:21:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 14:20:55 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E77F 		205 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 14:20:55 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E77F 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:29:26 GMT
x-content-type-options
nosniff
age
28289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 06:29:26 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E77F 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
14618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 10:17:17 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E77F 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:56:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
44683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:56:12 GMT
ca
choices.truste.com/ Frame B661 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=7y089j3_zdf9o1w_th6tx9xl&c=tradedesk01cont1&js=pmw0&w=120&h=600&sid=0
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-106.iad79.r.cloudfront.net
Software
nginx /
Resource Hash
444ac593b02191649a7fd59d1ec66e678484573db7a670a89d63558cab34980d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2d5ae77baf1e996b29b17b6541abf9c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD79-C2
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
x-amz-cf-id
0VmLE7f4EsYknAXqMUDq35fY3fHgxt45N7FgUXqBhpGFVefyQp370g==
x-xss-protection
1; mode=block
expires
Tue, 12 Dec 2023 14:20:54 GMT
sync
cs.choozle.com/ Frame B661
Redirect Chain
  • https://cs.choozle.com/sync?acc=jtgh3le
  • https://cs.choozle.com/sync?v=true&cid=985f11d6-b3c8-429c-8c46-d043fb038765
35 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.choozle.com/sync?v=true&cid=985f11d6-b3c8-429c-8c46-d043fb038765
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Server
35.169.53.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-53-134.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://cs.choozle.com/sync?v=true&cid=985f11d6-b3c8-429c-8c46-d043fb038765
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B661 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
44890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B661 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B661 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
google
vae-bid.adsrvr.org/bid/feedback/ Frame B661 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vae-bid.adsrvr.org/bid/feedback/google?t=1&iid=e867663a-9e26-4023-81f7-1f019e30eadd&crid=th6tx9xl&wp=ZXhsRgAH6mcITzJKAAoUYuK1d2G0USNiwKVSlg&aid=1&wpc=USD&sfe=17afec46&puid=&tdid=&pid=ba9b94jj&ag=zdf9o1w&adv=jtgh3le&sig=1VpMpC65_SetLbdlkrlFp1wqwvT7nm6ZmG757dGmOJw4.&bp=0.21017137824&cf=5905323&fq=0&td_s=www.nosorigines.qc.ca&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=57&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-9498530753150057&did=&rcxt=Other&lat=43.650000&lon=-79.380000&tmpc=0.26000000000004775&daid=&vp=0&osi=&osv=&bx=70&bffi=41&c=CgZDYW5hZGESB09udGFyaW8iB1Rvcm9udG84AVABgAEAiAEBkAEBsAEAugEECAEYBNgCtBDgAqwC-AIBgAMBiAMCkAMBmAMA0AMA2gMECFYYBA..&dur=CkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=i-KOoC&crrelr=&fpa=427&pcm=3&vc=3&said=pT5BV9ePuC4lkcAu7ItVUg%3D%3D&auct=1&im=1&mc=38cd39ff-fa83-47ff-86ff-261a05b6a61e&abr=9fd30bf1-b037-47ea-b65f-be51efef6a8a&tail=1
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:56 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
th6tx9xl_120x600.png
ad.adsrvr.org/ba9b94jj/jtgh3le/ Frame B661 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adsrvr.org/ba9b94jj/jtgh3le/th6tx9xl_120x600.png?cb=712257
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-60-119.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c86d76eaeb0b04f6404d131b610b8b66fdb4906e5fe346b953dca9dba3d36196

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:00:02 GMT
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 14:29:15 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P1
age
26455
x-amz-server-side-encryption
AES256
etag
"c6291e52341edbe2381f4b5cd80d4525"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
118473
x-amz-cf-id
ObQV2ZoJJSVu0GpV7N0GCa9OhQ7q3M-ydgPvKs7b4yJh3SlNIpNFdA==
ca
choices.truste.com/ Frame 9E5F 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=7y089j3_zdf9o1w_solwogsb&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-106.iad79.r.cloudfront.net
Software
nginx /
Resource Hash
6e0190dd4acffd456bc0cda2527122192a11d60e9d21a0011f24c297927a3fd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2d5ae77baf1e996b29b17b6541abf9c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD79-C2
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
x-amz-cf-id
QHukyF1Ry1In2QwCeeZRDh7ZK0eJv_BhGMnTJue69NsyLROl6ph3WQ==
x-xss-protection
1; mode=block
expires
Tue, 12 Dec 2023 14:20:55 GMT
cm
us-u.openx.net/w/1.0/ Frame 9E5F
Redirect Chain
  • https://cs.choozle.com/sync?acc=jtgh3le
  • https://cs.choozle.com/sync?v=true&cid=c728465c-22c0-44ac-9f5a-200d3af36c02
  • https://tags.bluekai.com/site/48443?id=c728465c-22c0-44ac-9f5a-200d3af36c02&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3Dc728465c-22c0-44ac-9f5a-200d3...
  • https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=c728465c-22c0-44ac-9f5a-200d3af36c02
  • https://match.adsrvr.org/track/cmf/generic?ttd_puid=c728465c-22c0-44ac-9f5a-200d3af36c02&ttd_pid=gdmv7qs&ttd_tpi=1
  • https://cs.choozle.com/sync?pid=5a625654-38ce-40c1-a298-2bec64d075fc&dpsync=ttd&cid=c728465c-22c0-44ac-9f5a-200d3af36c02
  • https://idsync.rlcdn.com/459489.gif?partner_uid=c728465c-22c0-44ac-9f5a-200d3af36c02
  • https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJGM3Mjg0NjVjLTIyYzAtNDRhYy05ZjVhLTIwMGQzYWYzNmMwMhAAGg0IydjhqwYSBQjoBxAAQgBKAA
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 14:20:57 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E5F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
44890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E5F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9E5F 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
google
vae-bid.adsrvr.org/bid/feedback/ Frame 9E5F 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vae-bid.adsrvr.org/bid/feedback/google?t=1&iid=e6b9d508-bf03-4536-ba20-f314680e0d45&crid=solwogsb&wp=ZXhsRgAH6mgITzJKAAoUYrD_Bk6Ad7HjgbS47A&aid=1&wpc=USD&sfe=17afec46&puid=&tdid=&pid=ba9b94jj&ag=zdf9o1w&adv=jtgh3le&sig=1dvJVCQUK7Zxay9HSNMXh0IGN345vpA9h2v2ligh88FM.&bp=0.21017137824&cf=5905323&fq=0&td_s=www.nosorigines.qc.ca&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=57&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-9498530753150057&did=&rcxt=Other&lat=43.650000&lon=-79.380000&tmpc=0.26000000000004775&daid=&vp=0&osi=&osv=&bx=70&bffi=41&c=CgZDYW5hZGESB09udGFyaW8iB1Rvcm9udG84AVABgAEAiAEBkAEBsAEAugEECAEYBNgCtBDgAqwC-AIBgAMBiAMCkAMBmAMA&dur=CkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=i-KOoC&crrelr=&fpa=427&pcm=3&vc=3&said=y952Jk8pQL7BavBmZqQdPw%3D%3D&auct=1&im=1&mc=38cd39ff-fa83-47ff-86ff-261a05b6a61e&abr=a90fd8aa-4b9b-4c64-994a-b9de0133c7f8&tail=1
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:55 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
solwogsb_160x600.png
ad.adsrvr.org/ba9b94jj/jtgh3le/ Frame 9E5F 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adsrvr.org/ba9b94jj/jtgh3le/solwogsb_160x600.png?cb=878308
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-60-119.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f73cc31d1c918df6dd0e3f0f19b7d8e7240b6a8babf1296e621d0c04143a8333

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:33:07 GMT
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 14:29:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P1
age
28070
x-amz-server-side-encryption
AES256
etag
"289c498c8068e0be60d89422cdfbb6a0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
142345
x-amz-cf-id
_kl9VBf90Z8O8O_EuRaimHR8NnYvIvRZnQEciswmkUBOPVezwYnYHw==
AGSKWxXNzH8CuYa5wI0iWwNrjQkYVH4FJepWse3OSyu5oMaW8eNxSNzYIV4VJ568REJj6hiEUQJjtThIw8S1nkgh0iBHB-0WECqD67QxBHeE07wbH9RARwb-Hnom12RILnUbRVS2Cm76IQ==
fundingchoicesmessages.google.com/f/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXNzH8CuYa5wI0iWwNrjQkYVH4FJepWse3OSyu5oMaW8eNxSNzYIV4VJ568REJj6hiEUQJjtThIw8S1nkgh0iBHB-0WECqD67QxBHeE07wbH9RARwb-Hnom12RILnUbRVS2Cm76IQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzkwODU1LDcxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImZyIl0sImh0dHBzOi8vd3d3Lm5vc29yaWdpbmVzLnFjLmNhL2dlbmVhbG9naWVsaXN0Zmlyc3RuYW1lLmFzcHgiLG51bGwsW1s4LCI4cGNoZFVqTFFMOCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
adf9db618781210b7fb1af2711cc018e4eba1a19bb9d7e4699772afd3332286f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hDl0BoQxolIb6prFFTxX7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hDl0BoQxolIb6prFFTxX7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B351 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
index.html
s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/ Frame 69BB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
b158648cff33e9efbd24fbebc70b21caa167ef526959f9ea76da73ba6b07a992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
48341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1666
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 00:55:14 GMT
expires
Wed, 11 Dec 2024 00:55:14 GMT
last-modified
Tue, 12 Sep 2023 18:25:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B351 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP4SawmeMnqAtsEGPRBs9xXuqRHCZLBhxwZp82jLfOFqS7KWYK66FAFO8rjNOy7H0m4dRc-bJF6xkjIRcpF5yybnlaRoEDEZ_qZsaSDSXG0SFgFF3vzSKvh7RQsxE60jRjHB4qw4EyqGPJnwWoRH2zLiWH1FhNjMzUj0tfV7cZcC26lA&sai=AMfl-YT9lS2aRvFeNmyBRm9uo5jib08XxwSDaInGSPLBxIcFJlTXHgp2lJD-wCu6lwpDGmACqisx9a0_NwCsMTxMvjr9vHVsxT9XoaNWjw&sig=Cg0ArKJSzIZHjAirg5aVEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=414&cbvp=1&cstd=410&cisv=r20231207.99364&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame EF98 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CDM%20Serif%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
ESF /
Resource Hash
350e82e3b0665fac81a4caeaead3cdfa419527a93585a2ac7cbc9bf2e0e3a867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 13:33:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 14:20:55 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EF98 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EF98 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4DBB 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
338
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:15:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EF98 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
44890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EF98 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EF98 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame EF98 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 18:27:28 GMT
css
fonts.googleapis.com/ Frame 5F40 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 13:12:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 14:20:55 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5F40 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5F40 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5F40 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
44890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5F40 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5F40 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:55 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 5F40 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 18:27:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F53E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkLxoR2x4Zc3AE7adoPwP1b-SmAMAAAAAOAHgBAI&bg=!mpmlmdbNAAY3kmNgF5I7ADQBe5WfOMoamwE-3tYWJJ18gdvnb97z42OwLvp-e5RjxpO25nfhhOkDUqOe3fLP6RJgIsXmAgAAAOZSAAAABGgBB5kDGhw3xW6nrQjeUYQ1hCsmZXYTR3QtQxJmH-7iL4sgmlCp8WThoew-AgSATMrhqbOWdzYloBMqPiuR98QKFUyZ7p4FlR1jcR9gS7AJ7rKZXjXwhWbo_99fGBQzOnveoYtHHoWPZ2C7DocMmtUbx3HVdugi2UF0lB1H3zztnvROYG4R6nApGZjMB3y0y4phlysILZQgTppVAI1fFUUkxIbqZ3LSFuPr-AGiHeOT8w7R1qXeAQ0MMGfFpKekYg82oO7aTeHsdg8N7OymL4rkBNUVABj-GmyEbk5AwTe3Qu0vmyCDkhA87ZeNHwoFRQL-Oz1HWvDa0IjIKuPdIjeJ-SLJsnl4ZO1tbzrEwEk-8PTf8tvtah7WxNWdGVcIl3-RODxZ1jNC7KDmdFDMSEJ7YfDrxaDwct34KnYI0cqFSM6q7nmIxylfaPHEEsd-Ihp-YC6mXJBD3QSEMD8aVqaXtWjdVcCtamsIKnpo0L1xOd7_DLyQoy5Tu_JIvHnL8NArA6sUWXMSF3Sw7fuUURS3bUxozV6uqo5WRwK52iu6EeMH5SOwnU4QCYbrt1YYVE1NdTeWSi4bjXrSvb0wSqQRn5QFay_-2TQt80ZICUzBTSYFF_xR8WoEOsdQnfOkeJS-m7uxeCVl7wC_0FnVhg7UeWmARf6DKQFSIXhiItltlcDMo-hgtqaUeg-XF5nyCbHMFqqnX4ZvxmS86L_orlcjV57puvHO_WyYUYNNbUO2gVn0oEw8pIOTwukwuYXjRswUiGFcY8VMB3Zx1CH-lQIdkqgShQ4kX95rfDvnCNCtvcfENeD8itvABUWQ-fWPYPU_jhv72fvWR6ZR_vet1hBlk33XGX4QNe8zIRM4dhJtO3DSjEGlsx2rdqevOZH9tlU48XwXBHNOtus7BuVelxpXxgwrOfTFvfVH3x5CP-35-1nZdu-r69tluvpG8dO_q7Y9dTqSqWTewEvp7DVOQLC4BZC2OlRl_IjayccQytKD5_WM5A0r-7E_SdMBJt5ZGCVusnlweMsdvQ0CKXEeeduz-6-AdkPES0iHmBX4Ellq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/13746097312023878377/ Frame 5F40 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13746097312023878377/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
0546f80d5884422ae558b3ac54be7e2bbf279c3a075ca9f2a3a6e03e7b9a9be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:03:55 GMT
x-content-type-options
nosniff
age
4620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32051
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 17:32:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 13:03:55 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/435138319842023304/ Frame 5F40 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/435138319842023304/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
a05fae496e8af88fe1e290887b9ade7198df9a4c2a5864261b9b357f653270d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:00:33 GMT
x-content-type-options
nosniff
age
4822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4028
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 12:46:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 13:00:33 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4DBB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:20:56 GMT
expires
Tue, 12 Dec 2023 14:20:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:20:56 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5F40 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02b04ca4e56ab6cf0557b1030176397c91accf5143f90bcbc4c7f15118e444e8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
style.css
s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/styles/ Frame 69BB 		2 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
43aeaf8e1e64ff58834b833e4e0d4ef51328e9bc315dd6006b33c6f48dd2e0a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
920
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 18:25:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 04:42:06 GMT
script.js
s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/scripts/ Frame 69BB 		1 KB
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
6bafe161086624965512347c012932df8b031462e6af7c849a07344d3fc1a2bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38896
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
539
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 18:25:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 03:32:39 GMT
bumper-logo.svg
s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/images/ Frame 69BB 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/images/bumper-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
c5dd4ef3b0218cf6468076aa06ac6d62ab02f8b473cc3dc14326be028d3f93e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719949724735657331/MARC-1439-Bumper-VIN-NoBg-970x250/styles/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1835
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 18:25:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 11:17:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B351 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP4SawmeMnqAtsEGPRBs9xXuqRHCZLBhxwZp82jLfOFqS7KWYK66FAFO8rjNOy7H0m4dRc-bJF6xkjIRcpF5yybnlaRoEDEZ_qZsaSDSXG0SFgFF3vzSKvh7RQsxE60jRjHB4qw4EyqGPJnwWoRH2zLiWH1FhNjMzUj0tfV7cZcC26lA&sai=AMfl-YT9lS2aRvFeNmyBRm9uo5jib08XxwSDaInGSPLBxIcFJlTXHgp2lJD-wCu6lwpDGmACqisx9a0_NwCsMTxMvjr9vHVsxT9XoaNWjw&sig=Cg0ArKJSzIZHjAirg5aVEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=621&vt=11&dtpt=207&dett=3&cstd=410&cisv=r20231207.99364&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F40 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:29:45 GMT
x-content-type-options
nosniff
age
21071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:29:45 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:38:23 GMT
x-content-type-options
nosniff
age
9753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 11:38:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:38:41 GMT
x-content-type-options
nosniff
age
16935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:38:41 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 5F40
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cgaf4Rmx4ZZGbH7CXxtYP3bSFqAysqZfZc_WOhZuBEqCWgOyQAhABIKSv6Adg_aCZgegDoAGn5LyjA8gBCakCGrwx-nW_qD6oAwHIA8sEqgTIAk_QP-iJ7bZOToKKu4fwP9uNRGGQ7sLyrfl...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb2a80adb5d641900000000000000000%22,%222%22:%220x37b6d265543e0f180000000000000000%22,%223%22:%220x45c6a84...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb2a80adb5d641900000000000000000%22,%222%22:%220x37b6d265543e0f180000000000000000%22,%223%22:%220x45c6a849c1b130830000000000000000%22,%224%22:%220x9a47407e267176b10000000000000000%22,%225%22:%220xee23d79d1dc80f200000000000000000%22},%22debug_key%22:%225275470469847640327%22,%22debug_reporting%22:true,%22destination%22:%22https://hardwoodgiant.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879702567%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224818360196303781473%22}&andc=true
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:56 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xb2a80adb5d641900000000000000000","2":"0x37b6d265543e0f180000000000000000","3":"0x45c6a849c1b130830000000000000000","4":"0x9a47407e267176b10000000000000000","5":"0xee23d79d1dc80f200000000000000000"},"debug_key":"5275470469847640327","debug_reporting":true,"destination":"https://hardwoodgiant.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879702567"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"4818360196303781473"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 14:20:56 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 14:20:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb2a80adb5d641900000000000000000","2":"0x37b6d265543e0f180000000000000000","3":"0x45c6a849c1b130830000000000000000","4":"0x9a47407e267176b10000000000000000","5":"0xee23d79d1dc80f200000000000000000"},"debug_key":"5275470469847640327","debug_reporting":true,"destination":"https://hardwoodgiant.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879702567"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"4818360196303781473"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 8A45 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=90&slotname=9409811225&adk=928279643&adf=600276764&pi=t.ma~as.9409811225&w=728&lmt=1702390854&format=728x90&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854263&bpp=1&bdt=512&idt=195&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3168908274908&frm=20&pv=1&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
40108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 03:12:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B351 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4vPRRmx4ZYLAHvjTxtYP36i54Aah3Z_dcMi6gZ_KEWQQASCkr-gHYP2gmYHoA6AB6qWVogLIAQmoAwHIAwKqBMsCT9CDi1DpJYelah_3OyXAnC3J6ERrS3eVZtWQfbneJzduWQL-d_hY45qjdmuIFJfwZ7ylK4dA98PTZxqoREojQsFHoT5EZrrBZ9x3whjVpzlLP8Xx4fAcxfg2FOeO-oSDD8_zmcYS9DNLVWyBQ10hnIpEJm6zV_ZqaI5tjUJxauLHb8YabqC-50d6DhO4RBz77s7YB_LXhyZ22eH0LRSx3pOsQzUpOig3SBteCJBW_sk_AkoVB_GfVg0jQ_uVcpToqpDOWCImEBAjw6Q6mb0OLL6Jz5f7JCRRPqRsDOFHbIXtQT_2_hwtXQZP5vcCos-SFZFQIJ1alYGxvq4w5tDgUiVE57wfCTHmM85xajX4YjwxCwcP8-j7Zd-1XItqXZmoIMgpvSUJnxhiLPbW0dLGuwdrWMcxITnGxgDeZ0JmmXy_Gy6on2LUj4ZGAMAEypHs9vwDiAXJ0JHDQJIFBAgEGAGSBQQIBRgEoAYRgAeY3v_fAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIKXENIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY-L-akYyKgwOACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxDwp7azjKuK2Z4BEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi05NDk4NTMwNzUzMTUwMDU3GAA&sigh=NTNVS9HsLJg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNgKmY7UBHVxpQY2-uj-Q5zbSsWLO2CiZV4Nkanu8vFDZLxMEqGsxn8rr7EXABsxQeitmIZypv7_1Rq-B1ttCM-mfV2eI4weXwtBgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9498530753150057&output=html&h=250&slotname=3127461817&adk=3592949126&adf=3297436742&pi=t.ma~as.3127461817&w=970&lmt=1702390854&format=970x250&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702390854258&bpp=5&bdt=506&idt=182&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=3168908274908&frm=20&pv=2&ga_vid=1678968219.1702390854&ga_sid=1702390854&ga_hid=720679887&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079930%2C31079980%2C44785294%2C95320884&oid=2&pvsid=2012849307738584&tmod=1196740055&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Attribution-Reporting-Eligible
event-source
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 14:20:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb2a80adb5d641900000000000000000%22,%222%22:%220x37b6d265543e0f180000000000000000%22,%223%22:%220x45c6a849c1b130830000000000000000%22,%224%22:%220x9a47407e267176b10000000000000000%22,%225%22:%220xee23d79d1dc80f200000000000000000%22},%22debug_key%22:%225275470469847640327%22,%22debug_reporting%22:true,%22destination%22:%22https://hardwoodgiant.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879702567%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224818360196303781473%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 14:20:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame BB23 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
40108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 03:12:28 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.634064018289442
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yfb_zG19FdNgjonZUUNPUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-yfb_zG19FdNgjonZUUNPUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.962528375910944
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-B6GxMzm8F9r8ip-ouiQHpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-B6GxMzm8F9r8ip-ouiQHpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fdqIyWAuTE7rr6sjDwjVXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-fdqIyWAuTE7rr6sjDwjVXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.nosorigines.qc.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B661 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c752d99cb1cc41298559511074c373420c34da51b6af521883bc5dfd292de0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame B661 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzeA5Rmx4ZefUH8rkvPIP4qiomAjdleW3XPb-j45XwI23ARABIABg_aCZgegDggEXY2EtcHViLTk0OTg1MzA3NTMxNTAwNTfIAQmoAwHIAwKqBLMCT9AQeEoG29pgVHoUOBWJMnArND3aY-K009YZXxfKMZoClv8cHCp7OZYiLTRZ18CERgtFiM3OSvc_pAr0qIdQXRsM5RC9ycPE8euxb5FupqCPZk35i-sTSqFgYWkWqv7Y2hT2Ubbu2v8ZHJQdxAlP9rGtgcFSeIb7wMPpI2gqPK5ZT-kuD5e-jmEX1SaciZw2V_ORiqlCjh3b5Dz4LoiueRdQd6CUAMhmOjl-aZ4z1BBymDmFtki1KTVGF0o938oCZOT2GBEabKmdgk3HNUIcQ00dVMz6SXdd5OKukhp3EhOPRrYtd4VON_GaZPFG5T3PdjqU_cc10vq9p8uTvro211FmBPtIDvpfdFx3MDfw79hUqB0ZCVZMz9kRk1DRSlq1v6tzOoVaQvTqbEE3WGt3c7yaGYAGkJ7DgKCatoQIoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WK7Km5GMioMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0OTg1MzA3NTMxNTAwNTcYAA&sigh=nW6u4B5IIFs&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNtbxve0kjWFA592qHLiIzicDJiHGOZmbPoa_a6n1df7MRh88spZfCur7hnX_4uyABLxk9VmKsRiejT-kxb2ZyXbaHK6cd4pL_dMIYAQ&cbvp=2&vis=1
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 14:20:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=94253133&utmhn=www.nosorigines.qc.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23950381-1&cid=884091185.1702390857&jid=426235752&_v=5.7.2&z=94253133
35 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23950381-1&cid=884091185.1702390857&jid=426235752&_v=5.7.2&z=94253133
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Dec 2023 14:20:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23950381-1&cid=884091185.1702390857&jid=426235752&_v=5.7.2&z=94253133
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1891321304&utmhn=www.nosorigines.qc.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=G%C3%A9n%C3%A9alogie%20Famille%20Leduc&utmhid=720679887&utmr=-&utmp=%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&utmht=1702390856998&utmac=UA-23950381-1&utmcc=__utma%3D1.884091185.1702390857.1702390857.1702390857.1%3B%2B__utmz%3D1.1702390857.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 15:08:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83560
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5F40 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGRtfDpHeV0lvFMbrVjE1BkEzotoanLNlLgrk5vWuupgrC8jhB-BHsvZolaXlFN5ZgqWhqnZR2J_D3EbxKzys7Aoht2pPx9ny5ssh1ntecwTykzwQQNluzx7Qn_QE96ZQIoTjQZnK_RJYeGLr3GNgNIf1___wQWja-ug973lLEB6JWn81nVc_qHeTOe7EJrwBpu0EBFdIoDAccU_HF6DAt7JNKx71t7Xne_TOVvZxQhNPsemKFSzgLs-vg1PWOJD8Jr1coACCNxfkiZlCvxyRkqNXVL_F1gxm4KmE9PYCm0n-ctXrEukW7uXjm8CM4SuCjhmcJZTUJg2qvF3nfU1_fJ-IqrhmlAFztlPPlDEPycA0u2gaX4RHKOZPEk2f-hmFe5GKGGsTWCFavkconu_XlLTSGBHvf7vn-yUH8fVrPNX3Hm922H-ip-WPNQbqVpT8k109ywC0vyQH05kKeL9i6M6IjNFY_48dFYjSQwOycgeYNEKWTKaQGQ3Ns-l134HoYviks_RIajPWhDK3z6TX1RXluun72JkGStWW3aM-UsAeLtn4TBHYDgnFby6f1fIFmzLGdhtwo8_aPa0S4FCVeg7eRavkN-fhs1ZXq9joFSHViSd4BunfpKpETW_LT4ETLhg_Sh-cM6RJabHHMQV3pfo1gvRYCcI2JuPG3mTNzZKa54ClWORhmy3cVa7CrFIrq76SOwf_texL_OGfIirgrxXGxlwhWvZxhK_ffFHsL4TX5Ogsr3O9QV28F5yrOG3IrosWxgZ8Lz9D2VYjrxwMZeLRFb_qH1flbjLQnQMleD5Aymmkbn8Eyz9Q2rx_G0Kop4a_s3Eaj5DCDOT-fQVtO-QVPGY8M-bwlqmwPKF1SUGTo_R5K10v2jzCacY9adyQy6rH-mL7zFLZxZS7PJMOAgBRFFe8YE8gBPuoLXeg4QpoCRiRKAtLUoB9mqcErg6aHoaKzt1qxDCyoDbjoZD_ZFmBqEGlNTpYCbbh-EjfwUVoX9OKaJL0_Xmv95b6VYoHM4H_wzBkg-PaRTzVBsyjCyUql9nojFpkUw7vvQN6k2qnBYr0nvL5K1JhCJCLDvYbp-bER4qZsxZQIvWkX95lzfymHcYy9WBCR9-MYLB0FCDh7KePbtTBIO_OB5KMv0doJ2u7-c-qSFCBl3Cguwk3V1eRPr1zT4_vQao9sGmOg9YjpPQONBCpaXmK1N7ZRhBFZ17YcWoH5hjR6T_4gY9jTiX7O6sh9jjaJYlHshrZMcTmyrEugedWSIEOy6lpmPpkv_BIuUiEgxHCO7utWK1oF1ju8ND0vEY55xXCXDGir_ehYP_0xVJB8xy7YeD7_0ZbYf2tnDDq1Olysm54ehj0qZas_RKV82kL5qn0n&sai=AMfl-YSX70tKkysQuaA_fOteDhDN-0biyo69xYWQkdLiY_rEokUQzrrGN-O2D2BG6ixabFyysvXLDnnQKOYObb1N0C0a08P9Pegbr0UmIin6uM-GK80BKXqx_7-s-hEok-hqMvbDENjNnUyd8cNIEJs4ywNyKngizYU9aSNU0GA&sig=Cg0ArKJSzCi68RaHS4L9EAE&cid=CAQSTwDICaaN8L4ue8JFGOUKK33fNJnC2sMU2P1llGxaWHPx1bfGO9xTCgW3mIkFp474mPfleRh4ZcNssK_5O6PsiXHwoqWMpsz5wCFzOM7gmJcYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=928279643&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702390854462&rpt=1580&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B351 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwQtbYpLNRNYbsgXQF8rY_Fq5TLQ6YYeRsQ3bHkftIH22h2LnIutmqdULwrxpvu-xNvGvfNyTSZPmKL7RuTl4GvsgjKwoU0Z3ySAqIjdVnFD0_xgZ3sedfedk0&sig=Cg0ArKJSzEBr4YL09EPaEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1633446665&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702390854456&rpt=1623&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B351 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLlxyCCQCMZsr08T9-dNyt52aZglt4fEFZSsMyoqshwR9xZS3E3eR6DxHSXEJ8tK6OrUHmBrYQ71-TwNsZZ3j_vqXkgvtpC0vHbePqZzjfSme1qsDcDLv2Jhnk-JneXoPFajOuwzjWcpVG5TJF0relb-zo&sai=AMfl-YSLrE1tTQ4mqy4QGhjEZPL67zUUwHzR1r2DsV-_xVC5NJVCB7TurUqekidxdpfJhXlkZDrVdVwzzhuP8nZ5cwkris9TGK-DLiZpzFvbZFzFlvBBSA3fzHjSqedYNBQLVsOPwF2VzkxbY3wnfjET&sig=Cg0ArKJSzCSWz_5Dbt68EAE&cid=CAQSTgDICaaNgKmY7UBHVxpQY2-uj-Q5zbSsWLO2CiZV4Nkanu8vFDZLxMEqGsxn8rr7EXABsxQeitmIZypv7_1Rq-B1ttCM-mfV2eI4weXwtBgB&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3592949126&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702390854456&rpt=1642&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_ad
fundingchoicesmessages.google.com/f/AGSKWxUF6iJyE9kqRWEnX13kNpBesFKQcO9a44qktupbmEFH2EGZhj_IsE5MlPHtttoNHLK_g-wHY-AOM7qWZ8OgfvRUpmr2XaE6h8x8mrLo9XNkAYUE8FWUUv6P4bEkP9I5riDfDL4FMLAGxQ_c0dT0gY7P36E_R... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUF6iJyE9kqRWEnX13kNpBesFKQcO9a44qktupbmEFH2EGZhj_IsE5MlPHtttoNHLK_g-wHY-AOM7qWZ8OgfvRUpmr2XaE6h8x8mrLo9XNkAYUE8FWUUv6P4bEkP9I5riDfDL4FMLAGxQ_c0dT0gY7P36E_RC1gxINvaWARUVepCfgjX5HKFuUOCukz/__adspace_-ad-resize-/728x90banner./live-gujAd./iframe_ad?
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMze8y4RghRHkiILg3BhrB5feyQRkA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
09896d257871bbef37cc63473a96962744a62e881f3188ae2f0f9a9ab9c4d52a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c2XYxOGmrR3zyaijuv0peg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-c2XYxOGmrR3zyaijuv0peg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMze8y4RghRHkiILg3BhrB5feyQRkA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
f7050c9c2c02bdad147168792c62f4666e490e59fee0aab7bbb4ef3ee5096775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52028
x-xss-protection
0
server
cafe
etag
7216095262283830311
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:20:57 GMT
AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aWHOJ6PDwVPTxCDEo2X7Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aWHOJ6PDwVPTxCDEo2X7Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.nosorigines.qc.ca
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KZJCzmsTCE2TTocFfFSjUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-KZJCzmsTCE2TTocFfFSjUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.nosorigines.qc.ca
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-x2jzr2n5-ca21Ep6KX8cjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-x2jzr2n5-ca21Ep6KX8cjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.nosorigines.qc.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V5NGcy7pTXscHtdaV_Oakg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-V5NGcy7pTXscHtdaV_Oakg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.nosorigines.qc.ca
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbOrHd7uk8oC-4EXTQz33_QyaZOADCsOYErNNHdNJA8CSbCxV1TA8EEz8QCJdet3LEU3xRrFunXW6E95p_P5xiMfKL-FtUgELSOX3KtZL61Jh3LtWgTcleKrFjwfqMFDhgkJjpiw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUbOrHd7uk8oC-4EXTQz33_QyaZOADCsOYErNNHdNJA8CSbCxV1TA8EEz8QCJdet3LEU3xRrFunXW6E95p_P5xiMfKL-FtUgELSOX3KtZL61Jh3LtWgTcleKrFjwfqMFDhgkJjpiw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzkwODU3LDYxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZnIiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubm9zb3JpZ2luZXMucWMuY2EvZ2VuZWFsb2dpZWxpc3RmaXJzdG5hbWUuYXNweCIsbnVsbCxbWzgsIjhwY2hkVWpMUUw4Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
8701feaf5647b4b1acbdec4a431a9ed1ad1aa8e1301003d2c6d8894fa3243f13
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U2D71TUFSp1fVhNdn47TgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-U2D71TUFSp1fVhNdn47TgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame B661 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/get?name=pmw2.js
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=7y089j3_zdf9o1w_th6tx9xl&c=tradedesk01cont1&js=pmw0&w=120&h=600&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-96.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
2e7b45ace7324f4eaf0c5e859c3ebbe3ac7fb2a8c2f922fee1e1f4096d5d0a12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:18:30 GMT
content-encoding
gzip
via
1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
age
518547
x-cache
Hit from cloudfront
pragma
public
last-modified
Tue, 21 Nov 2023 07:44:27 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
8IBBq5DK-ykcHjRMtAhKadp6CZXZVZ3IPIiUoq0CGZOr8ytSHOhUKw==
expires
Fri, 05 Jan 2024 14:18:30 GMT
cap
choices.trustarc.com/ Frame B661 		43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?&aid=tradedesk01&pid=tradedesk01&cid=7y089j3_zdf9o1w_th6tx9xl&w=120&h=600&c=1152
Requested by
Host: www.nosorigines.qc.ca
URL: https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-96.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:57 GMT
via
1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
IAD55-P2
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
rDafFX1hH7A33hkExUg4Fzi220lTKzt46wllISYYg0MO9O9tzrEtuw==
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12 Dec 2023 14:20:56 GMT
AGSKWxXm7TYCu3Wn_mYc7bDze0Bxdy2zD2Vba_Zl08H0ykl0F7EtsZxigVYM_C15NVMsZdH-dK3pT2qiRU4GvNq35Mqe1SvTuy7Jv7r7jCV-Ozp89CPmh16iLFqOxTlz4YOw4kV-8SPhWA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXm7TYCu3Wn_mYc7bDze0Bxdy2zD2Vba_Zl08H0ykl0F7EtsZxigVYM_C15NVMsZdH-dK3pT2qiRU4GvNq35Mqe1SvTuy7Jv7r7jCV-Ozp89CPmh16iLFqOxTlz4YOw4kV-8SPhWA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f9JBCoo0h2rMC1SlHoFA3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-f9JBCoo0h2rMC1SlHoFA3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.nosorigines.qc.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjrsFeDzd1WGAkQ5TsaV_XdmBMPYx4tFKoRtKuO4RrWFpwRrm9BKKoo3aC_-fGBPDTLQUGBqop657qkttulcePqo-kVnO5y_x2nqF9GBXtJBSqmUghN8A3wVFzs-a4EfgbuRnuJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Psyr5kQgemwN6jfZLrdlPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-Psyr5kQgemwN6jfZLrdlPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.nosorigines.qc.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
fe134cc761d514d5cf0f8573e8ac531c075ebc47c7c82985638f6ef09b327ab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12264
x-xss-protection
0
truncated
/ Frame 9E5F 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5039bea89585f620889ffd5d8e824e69978d8afc4976f093c5bf280fe617f1ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 9E5F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cc3OFRmx4ZejUH8rkvPIP4qiomAjdleW3XPb-j45XwI23ARABIABg_aCZgegDggEXY2EtcHViLTk0OTg1MzA3NTMxNTAwNTfIAQmoAwHIAwKqBLMCT9BikAT08V1r2GvgCBwGuCOrkv5KLun29JRymbftkx5zg7_ZMShReXjA4EaofiZpsvqAgF6DcQh4AtQDVTTswxjr3V0HGYGdCBpCf6vynldrmc6f9qbPrpWo4mqYrOr8BMnyJJkQDGA2fXfYr4pDSVm5y4PxZJTupQsvupco1-MA0UvROfl4oYBE3PhLHCMm5M4IE3LxfJXxwWEPjZ6IGO3aJv3AXSBuuVyvDaszips04OK8Mx1EgWZsfbqhvZIGpqe_gTVUtCKc9S4vgmMmiWy8A_SQhr7cEFnvoftdJd2OZntEEYgAaUHwnyMXvXy9JUDSpPU6eyVkMiFbrHu02d2C9DEMM3g1m5kPRxkZ2vIy6EdjfhuaLqQN93my97UQJey91OPQh9fJBkPziBfxW3wIq4AGxJ3yvpPFzau-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliuypuRjIqDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NDk4NTMwNzUzMTUwMDU3GAA&sigh=pWnwdq0Gsic&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNtbxve0kjWFA592qHLiIzicDJiHGOZmbPoa_a6n1df7MRh88spZfCur7hnX_4uyABLxk9VmKsRiejT-kxb2ZyXbaHK6cd4pL_dMIYAQ&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 14:20:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 14:20:57 GMT
get
choices.trustarc.com/ Frame 4DA2 		287 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-96.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Thu, 23 Nov 2023 10:09:58 GMT
via
1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
1656659
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
p6rYYu15Rn0qQgBAHZI6qwEWFTAySSrzcA8QwOTsYK5-MFpkt1gNZw==
expires
Sat, 23 Dec 2023 10:09:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B661 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssX8uzY0ZOAMd_n221rCUTfyBs0PthET1LSOdodEaBbDDe-5TdJFK7SGcs-unp52HXCBrEWp0AAV1yxy1uPJKA_DSoA2oZ-8kqKSVuCEtUw44Y9mghH0ik&sig=Cg0ArKJSzLVKeD-7fqaJEAE&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702390855679&rpt=1206&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD75 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 12:03:16 GMT
expires
Wed, 11 Dec 2024 12:03:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9D43 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
GSE /
Resource Hash
4c37ec84e5f1e068be06d895cb6baa453a00fc1e84a7bc3667ae97b2213c850d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Yzcl_gF8W_Xw__Zw-gvpQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nosorigines.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Yzcl_gF8W_Xw__Zw-gvpQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:20:57 GMT
expires
Tue, 12 Dec 2023 14:20:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame CD75 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
27235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 06:47:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9D43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2012849307738584&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CD75 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GVNnKQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:20:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
get
choices.trustarc.com/ Frame 9E5F 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/get?name=pmw2.js
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=7y089j3_zdf9o1w_solwogsb&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-96.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
2e7b45ace7324f4eaf0c5e859c3ebbe3ac7fb2a8c2f922fee1e1f4096d5d0a12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:18:30 GMT
content-encoding
gzip
via
1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
age
518548
x-cache
Hit from cloudfront
pragma
public
last-modified
Tue, 21 Nov 2023 07:44:27 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
QdydbS7u3xp76FsYhRbCrt5sgAjDYdSCnDTq57XDm1yGIBJB6Pp8xQ==
expires
Fri, 05 Jan 2024 14:18:30 GMT
cap
choices.trustarc.com/ Frame 9E5F 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?&aid=tradedesk01&pid=tradedesk01&cid=7y089j3_zdf9o1w_solwogsb&w=160&h=600&c=118a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-96.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:58 GMT
via
1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
IAD55-P2
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
7iEsXqUW7x9vhpe7ilTAj4LB1a5JPBd3syMtvX1xv6oq4GNkKi6Hrw==
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12 Dec 2023 14:20:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2012849307738584&bg=!qaqlquXNAAY3kmNgF5I7ADQBe5WfOPBV65B57LnK_zPkuX_vFkuEm0by38oYspxbt0txYFBPJhIvkqjy06XXxux7RLARAgAAAElSAAAAA2gBBwoAg4bA2ebYfmVcB7WY2t5RmzKIrOdX5qITDSp0dQQU8szO9ly1UleR5d87lJMUbg2PdIhIjcv0Pg5nATS_g7Mg1D36T8eWJgA5KNYIQnl4zWoco92FRT6NQ_GTu_SBK6HzfsASHYDKdz4rBJmVVzptPmyK_GFVzG_5tcvLKPOXuI7cvscPmQL1Xqw6FGzjmUl9jrkTTS6LtqvCZY_eQVmSrAvFLb0OcNxqyGFwQeYW8nwsPq71WfhkfjIt_yZq0kC-lQL8C4bj2ES4btXlkG15_x1nZyIuf0sdelHgZvX8UVODCV5EtbALeQyWlyvA1y8n5Ue1npSNwT9KjsSs3301l53jl3vjFIXwbuSFd0TfGs-OdRp9WajEFsIj9F_HyFEMwOYVVDTZbeUE9sXxrBlkzOmxU8Z-U3VQ9DApsfrqCnIgXadrK9SZEGhwoQxTSHnx0SmBkl6W8sgWbKwWcasCa7pZyg_88tnj5dXQffDuiOuVsfaWMIW4lVRUukVu8nbx_wiWvmRw0CkhXPwbuXlJeycGnSvYKJ5oSuy71ALl8lFFijO4RyHaO0EnecB2hdqZk7T8GIytgfdz_sBYh3cLiJ7CyvDejRrFDESAtabXNVYrBgnP_xneLcEWwbP3u_FT8ntxklMCzsiCoGCZw-ngPgg95oiriFeCmMqt8INajqhGWiADYffqxWIBV5GdBhV6J9Gc3nQIYnLikP6nEHyrsL86rUBv5Hl6t1YQjM2mKT9LGV-Bdi8SSt3jAXK5PDmPwQYsLILVS2d8lN0gS8PBiLsjbQcKtVxl2HtbJklpKoavhiS_t97KNYUyzl7XbLmTuV0cin5n3xGhrDkM9RYC0ts1PuocsbByi59hX9f7NZgxh9YefYS1sVsqb9h4UgramSCA1TabBLFJqUXhgNuPGDWePwKt_FoWOjrOC-iJrS7smX5G5NZnYgp2dl_HeK2cs57hCIBFgZ3R4-VOpXQzC_9o9ArE3pDbPgaapU0oCKgkby8oP6FKDbIJ612_n63D-frxisW74fIq2xb09YlzZDSV8OO5yRJ4AD3xQWLsQiucNm6tesHb1bwAOiVk_HTci4qaQoA3Fs74VH8DvEyoUj37FwdgGRHeEztL2snClKBEjc4u5sTJPprJSQ5hcTRe8Ai9jVnJktsQ77hIRoH3To3lvdhyMoxJHVUy0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nosorigines.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
get
choices.trustarc.com/ Frame A78B 		287 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-96.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Thu, 23 Nov 2023 10:09:58 GMT
via
1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
1656660
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
_j20h5BqMqVxx5Xl-fXK9bmvvXNbvN7olCI9DiFDiBiOyR06gWs5Ug==
expires
Sat, 23 Dec 2023 10:09:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E5F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSo2G8Z69VC5ai1y-wxIx-5NdJOopvc31grQMq1KfNe6CQchM7XG4xQdnuk-O8x6AM-dlsHEFkaMw6mkoyI8u2hcpcmNA-YJi3x2eYx50baCgrZf0FKKE&sig=Cg0ArKJSzLtvQRWIb_78EAE&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702390855694&rpt=1175&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 14:20:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apis.google.com
URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=small&annotation=inline&width=120&origin=https%3A%2F%2Fwww.nosorigines.qc.ca&url=https%3A%2F%2Fwww.nosorigines.qc.ca%2Fgenealogielistfirstname.aspx%3Fancestor%3D60%26Family%3DLeduc_730%26lng%3Den%26lng%3Den&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture object| _gaq object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| gapi object| ___jsl object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googletag object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YjU0ZTY5YTc3Zjg3NDUxY2xvYWRlcl9qcw== string| YjU0ZTY5YTc3Zjg3NDUxY2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| _gat boolean| b8929408-e290-451d-8aac-bf3f23663aba object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
ourorigins.org/ Name: ASP.NET_SessionId
Value: z1i2ixe1usvrm0515hpxjok3
www.nosorigines.qc.ca/ Name: ASP.NET_SessionId
Value: xz5drnundwqvnr3xerxucov1
.google.com/ Name: NID
Value: 511=sWGecMVgt5dyr3KLSsVFG_oZMzUZwfAfQactVnW7nMijQrxt93N5BE4sE8HXK1zmUVnYt6yHMF_rdzkjsNGQ-lxkRCe4JQVFhGqJvpBUYt-orr2XDnnky1U9DxLJAytofeM4nre5xYKffajTx00YH7moBwHZhqEbE-9Y7iqVJqY
.doubleclick.net/ Name: APC
Value: AfxxVi7MQPCQlRtyHdVZ0qr60FKtzMO1QMsBwe97dl8fl9Ulx2ezAA
.doubleclick.net/ Name: IDE
Value: AHWqTUmPegHGzEdGvEj4L8J8rwUK0X-z2ZD68-LMkiqIt4BWAJ5_ATW8u4XNrGijMEY
.nosorigines.qc.ca/ Name: __gads
Value: ID=7d989ac761dc272c:T=1702390854:RT=1702390854:S=ALNI_MbOxTj7pc8srMgfn6kHUbxqd_eHgQ
.nosorigines.qc.ca/ Name: __gpi
Value: UID=00000da8c5ddd6ab:T=1702390854:RT=1702390854:S=ALNI_MYO2O6g4tgce2nP9ybsLWFF-kmQcw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.adsrvr.org/ Name: TDID
Value: 5a625654-38ce-40c1-a298-2bec64d075fc
www.nosorigines.qc.ca/ Name: __utma
Value: 1.884091185.1702390857.1702390857.1702390857.1
www.nosorigines.qc.ca/ Name: __utmc
Value: 1
www.nosorigines.qc.ca/ Name: __utmz
Value: 1.1702390857.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
www.nosorigines.qc.ca/ Name: __utmt
Value: 1
www.nosorigines.qc.ca/ Name: __utmb
Value: 1.2.10.1702390857
.bluekai.com/ Name: bku
Value: mf699WkLKsUaCp/e
.bluekai.com/ Name: bkpa
Value: KJ01pg6mQM9x9mY7mqjYFEL3eLHGuOwMpWpyY3sH7TjtySzlXx7zFIWgGA2eyHDpUqtg8RyPZN/DGZMal/rbMsVFDs+cdDCsBsSpUl03E2AImndUD6GC9+69nSYPZ1r6qj280sPq9s6XPQs0yErQOoYfIfBgt6zeSa0/h0o9pKLBSmx7dQkXOyYRRExj
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjUoYiiicq9PBAFOAFaB2dkbXY3cXNgAg..
.choozle.com/ Name: chzdpsync
Value: eyJjaG9vemxlQ29va2llSWQiOiJjNzI4NDY1Yy0yMmMwLTQ0YWMtOWY1YS0yMDBkM2FmMzZjMDIiLCJwcm92aWRlckNvb2tpZU1ldGEiOnsiT1JBQ0xFIjp7InByb3ZpZGVyIjoiT1JBQ0xFIiwicHJvdmlkZXJDb29raWVJZCI6IiRfQktfVVVJRCIsInByb3ZpZGVyUmVkaXJlY3RSZXF1ZXN0ZWQiOmZhbHNlLCJwcm92aWRlclJlZGlyZWN0U2VudCI6ZmFsc2V9LCJUVEQiOnsicHJvdmlkZXIiOiJUVEQiLCJwcm92aWRlckNvb2tpZUlkIjoiNWE2MjU2NTQtMzhjZS00MGMxLWEyOTgtMmJlYzY0ZDA3NWZjIiwicHJvdmlkZXJSZWRpcmVjdFJlcXVlc3RlZCI6ZmFsc2UsInByb3ZpZGVyUmVkaXJlY3RTZW50IjpmYWxzZX19LCJ2ZXJpZmllZCI6dHJ1ZSwic3BlY2lmaWNQcm92aWRlcnMiOltdfQ==
.rlcdn.com/ Name: rlas3
Value: itL3uxsLnR4i1ucr1oIxftKtk5B5OxZE9boDhfJwzME=
.nosorigines.qc.ca/ Name: FCNEC
Value: %5B%5B%22AKsRol-8WsOGYYhfZXmYGRVqpTCOzllDClVBlEzEOoNVvO2fhe-xSt9VbGOPvrshTpXgR2MeEiZcgUujxrANRfTdvlMR8zuksXuNcd_R2Mb7YseHEyMSfTf3rB8fzO9QhzK-UDawNG3QTdPDy32swmHDYkvy-as4EA%3D%3D%22%5D%5D
.rlcdn.com/ Name: pxrc
Value: CMnY4asGEgUI6AcQABIGCLjrARAA

3 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://apis.google.com/js/plusone.js(Line 66)
Message:
Mixed Content: The page at 'https://www.nosorigines.qc.ca/genealogielistfirstname.aspx?ancestor=60&Family=Leduc_730&lng=en&lng=en' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1702390855244&_gfid=I0_1702390855244&parent=https%3A%2F%2Fwww.nosorigines.qc.ca&pfname=&rpctoken=13491553'. This request has been blocked; the content must be served over HTTPS.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.adsrvr.org
ad.doubleclick.net
apis.google.com
choices.trustarc.com
choices.truste.com
cs.choozle.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
idsync.rlcdn.com
match.adsrvr.org
ourorigins.org
pagead2.googlesyndication.com
s0.2mdn.net
ssl.google-analytics.com
ssl.gstatic.com
stats.g.doubleclick.net
tags.bluekai.com
tpc.googlesyndication.com
us-u.openx.net
vae-bid.adsrvr.org
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.nosorigines.qc.ca
apis.google.com
142.251.111.101
142.251.16.156
142.251.16.94
142.251.16.95
142.251.163.148
142.251.163.149
142.251.163.155
142.251.163.94
142.251.167.139
142.251.167.155
172.253.115.156
172.253.122.132
172.253.122.155
172.253.122.84
172.253.62.94
172.253.63.147
172.253.63.97
18.160.46.96
18.67.60.119
199.250.166.129
23.219.12.236
34.98.64.218
35.169.53.134
35.244.154.8
52.223.40.198
64.254.247.158
99.84.108.106
02b04ca4e56ab6cf0557b1030176397c91accf5143f90bcbc4c7f15118e444e8
0546f80d5884422ae558b3ac54be7e2bbf279c3a075ca9f2a3a6e03e7b9a9be0
05dfdb9ac572c1e926e255a9cd11e32002ff3e0666315b05a674c29e5abc2b0e
09896d257871bbef37cc63473a96962744a62e881f3188ae2f0f9a9ab9c4d52a
0d3c50c1af81534edee9a430edb5d09c6068348173496657982a4546ff2ee231
0e2cf1a545d99e009f27db52a5a409a13b65c1b85d8603e27382515c47e2b974
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13b22ee90db618f5603f2d4067e66b0bb7a731f84f3e8b89d27fd865f9b21301
14484cb4d3933e752f5c1b22a4d37df4f442c08b25274b64c3c9653c50546005
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c752d99cb1cc41298559511074c373420c34da51b6af521883bc5dfd292de0f
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7b45ace7324f4eaf0c5e859c3ebbe3ac7fb2a8c2f922fee1e1f4096d5d0a12
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
350e82e3b0665fac81a4caeaead3cdfa419527a93585a2ac7cbc9bf2e0e3a867
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43aeaf8e1e64ff58834b833e4e0d4ef51328e9bc315dd6006b33c6f48dd2e0a5
444ac593b02191649a7fd59d1ec66e678484573db7a670a89d63558cab34980d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4c37ec84e5f1e068be06d895cb6baa453a00fc1e84a7bc3667ae97b2213c850d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5039bea89585f620889ffd5d8e824e69978d8afc4976f093c5bf280fe617f1ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564dd9853e846c0a24bcfda613ec007a08214f47bba81f8b8e05206d582cdf79
5b683a525a2a814b27fc09152ee8030b6d542cd24a61de371bbe5e8815e9d0b1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
69acf6f8e4c88758dc488f96381dc52f5941622ef638f9cdfbdd7f091abd05a0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bafe161086624965512347c012932df8b031462e6af7c849a07344d3fc1a2bc
6e0190dd4acffd456bc0cda2527122192a11d60e9d21a0011f24c297927a3fd7
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
76f8a6988fb87a1da331ef441bf9b1a8e89ddf4cc10c0e8c951799f0d10430d0
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841319ae9049b53c98cf025660c662a50ff38bab30b20cdafefa40fbc784b68e
848eadeaac811e89c632ba55b8abafe2bbc5b57379c9217d1c4b86d3f7fd4b1f
8701feaf5647b4b1acbdec4a431a9ed1ad1aa8e1301003d2c6d8894fa3243f13
8bfb196d16418c670758ed2da72d89c1f27a9b10173e57f2c3613220ca2102d0
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d9cc43d0f68313711ed25518ab432684fa9bc85cf80f4636291fc076144e448
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a05fae496e8af88fe1e290887b9ade7198df9a4c2a5864261b9b357f653270d8
adf9db618781210b7fb1af2711cc018e4eba1a19bb9d7e4699772afd3332286f
b158648cff33e9efbd24fbebc70b21caa167ef526959f9ea76da73ba6b07a992
b1e012aaab4e65462b456ff6a07a6512c7b11d1682d228531d66b132dcf3d364
b4f88823d8af2a28f9448e147e0890fae5b336e8f2fc323f740040a792c89425
c1369e4073f5f696d0f2a23bfc82dded107a5f8c8dcad2acdcea30c465f8c8a0
c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43
c5dd4ef3b0218cf6468076aa06ac6d62ab02f8b473cc3dc14326be028d3f93e8
c5f553379d19a360e27caf7c4758acffd1d3d20a2cd969a703f48c3d3757410b
c86d76eaeb0b04f6404d131b610b8b66fdb4906e5fe346b953dca9dba3d36196
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ce44d9d3620877fb90e5a0dc690fb51323242adfd601d2d327e623488f94c67d
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d99dd3891be0d37edbcc13fdaad780f164a758be5d0c8a71f66596e6cda04f70
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
e10c3d34c087f4ba169402acdf0559ad7d39b66e332977b4ac99a4f2419cfa87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7050c9c2c02bdad147168792c62f4666e490e59fee0aab7bbb4ef3ee5096775
f73cc31d1c918df6dd0e3f0f19b7d8e7240b6a8babf1296e621d0c04143a8333
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe134cc761d514d5cf0f8573e8ac531c075ebc47c7c82985638f6ef09b327ab3