urlscan.io logo urlscan.io
SecurityTrails logo

gnascension.ca Open in urlscan Pro
174.89.212.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gnascension.ca/
Effective URL: https://gnascension.ca/
Submission: On October 19 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 52 HTTP transactions. The main IP is 174.89.212.158, located in Laval, Canada and belongs to BACOM, CA. The main domain is gnascension.ca.
TLS certificate: Issued by R3 on October 17th 2023. Valid for: 3 months.
This is the only time gnascension.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 174.89.212.158 577 (BACOM)
1 172.253.115.95 15169 (GOOGLE)
8 142.251.16.136 15169 (GOOGLE)
2 199.58.80.27 7765 (KOUMBIT)
5 172.253.122.94 15169 (GOOGLE)
1 31.13.66.35 32934 (FACEBOOK)
7 31.13.66.19 32934 (FACEBOOK)
2 31.13.80.12 32934 (FACEBOOK)
1 2 172.253.122.156 15169 (GOOGLE)
1 172.253.63.148 15169 (GOOGLE)
4 142.250.31.95 15169 (GOOGLE)
1 172.253.62.99 15169 (GOOGLE)
1 172.253.63.119 15169 (GOOGLE)
1 142.251.16.132 15169 (GOOGLE)
52 15
18    174.89.212.158 (Laval, Canada)

ASN577 (BACOM, CA)
PTR: bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
gnascension.ca
1    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
8    142.251.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f136.1e100.net
www.youtube.com
2    199.58.80.27 (Canada)

ASN7765 (KOUMBIT, CA)
PTR: matomo.koumbit.net
matomo.koumbit.net
5    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
fonts.gstatic.com
www.gstatic.com
1    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
7    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
static.xx.fbcdn.net
2    31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net
scontent-yyz1-1.xx.fbcdn.net
2    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
googleads.g.doubleclick.net
1    172.253.63.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net
static.doubleclick.net
4    142.250.31.95 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net
jnn-pa.googleapis.com
1    172.253.62.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f99.1e100.net
www.google.com
1    172.253.63.119 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f119.1e100.net
i.ytimg.com
1    142.251.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net
yt3.ggpht.com
Apex Domain
Subdomains		 Transfer
18 gnascension.ca
gnascension.ca
3 MB
9 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 957
scontent-yyz1-1.xx.fbcdn.net — Cisco Umbrella Rank: 39661
169 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
1 MB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
90 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
jnn-pa.googleapis.com — Cisco Umbrella Rank: 237
33 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
static.doubleclick.net — Cisco Umbrella Rank: 304
1 KB
2 koumbit.net
matomo.koumbit.net
24 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 224
5 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
109 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
14 KB
52 11
Domain Requested by
18 gnascension.ca 1 redirects gnascension.ca
8 www.youtube.com gnascension.ca
www.youtube.com
7 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
4 jnn-pa.googleapis.com www.youtube.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 scontent-yyz1-1.xx.fbcdn.net www.facebook.com
2 matomo.koumbit.net gnascension.ca
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.facebook.com gnascension.ca
1 fonts.googleapis.com gnascension.ca
52 15

This site contains links to these domains. Also see Links.

Domain
www.gnascension.ca
docs.google.com
www.google.com
maps.apple.com
erplibre.ca
Subject Issuer Validity Valid
gnascension.ca
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
piwik.koumbit.net
R3		 2023-09-16 -
2023-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-28 -
2023-10-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://gnascension.ca/
Frame ID: 751D3D5FA02B0B95EF9C5EA3637DECF4
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Frame ID: F7E283F8FB2C968D4C2C7CD9FD9C4E57
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Frame ID: 16C83822BB60E9FDFEDE5B8DBC89CEE8
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Ascension

Page URL History Show full URLs

  1. http://gnascension.ca/ HTTP 301
    https://gnascension.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

52
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

4945 kB
Transfer

9743 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gnascension.ca/ HTTP 301
    https://gnascension.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gnascension.ca/
Redirect Chain
  • http://gnascension.ca/
  • https://gnascension.ca/
26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
462a1f6ffc9dee4557ee6d53aaeacbf14d2e22acdcce3025a7fb551dd853ab0a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 01:05:16 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
185
Content-Type
text/html
Date
Thu, 19 Oct 2023 01:05:16 GMT
Location
https://gnascension.ca/
Server
nginx/1.14.2
web.assets_common.0.css
gnascension.ca/web/content/9998-72ae214/1/ 		148 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/web/content/9998-72ae214/1/web.assets_common.0.css
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
5a3afe081c9d076c69d46d2811322fbd93d481e067cd128ccc5a9a7d638d94bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"4508638eae9e4fe7c212d1feb603c059"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
X-XSS-Protection
1; mode=block
web.assets_frontend.0.css
gnascension.ca/web/content/10000-776732e/1/ 		240 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/web/content/10000-776732e/1/web.assets_frontend.0.css
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
61043a6204ecbc84dc856f80056309ab65cc01a6fb093b63052a4bc51dc6f116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"419e54071958da2f95ef5e8cf351efa9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
X-XSS-Protection
1; mode=block
web.assets_frontend.1.css
gnascension.ca/web/content/10001-776732e/1/ 		79 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/web/content/10001-776732e/1/web.assets_frontend.1.css
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
485566975122dc7b6941c3766af8c8f0fed9344103cecd90a34221f6793629d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"58d80c2944ac07719e87cf5683ca17a4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
X-XSS-Protection
1; mode=block
web.assets_common.js
gnascension.ca/web/content/9999-72ae214/1/ 		1 MB
321 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/web/content/9999-72ae214/1/web.assets_common.js
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
a805e99cf059c12baf73ce6968c700d1b1ac1cd8c9e9d58d529a50b02f11372e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"b98277c1c15f96cc1186f0cda93decf3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
X-XSS-Protection
1; mode=block
web.assets_frontend.js
gnascension.ca/web/content/10002-776732e/1/ 		655 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/web/content/10002-776732e/1/web.assets_frontend.js
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
67decbe8dc0e38be67223ab515bb01b149b9ab2b94cea0b29dff957f71fe3964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"429c5b7ee761a4291cbf8ae471aa2d4a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
X-XSS-Protection
1; mode=block
logo
gnascension.ca/web/image/res.company/1/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnascension.ca/web/image/res.company/1/logo?unique=4b973cf
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
ba3a7e105e2514a77dfcfab971304364a11d5e62ede7b39fe59edad8d042cd74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"768f0719c00cbc556fd23bcd7d060f36"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/web/content/10000-776732e/1/web.assets_frontend.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
1d3dab990b8b413cef74c2acd7d5d1f920183d1f5b755da6e80397986d163646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 23:45:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 01:05:17 GMT
translations
gnascension.ca/website/ 		48 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/website/translations
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/web/content/9999-72ae214/1/web.assets_common.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
0e2d30cb02882d288463564bfe01544b73c9fde4b99f213cf12a7a73d8495be5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gnascension.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
Server
nginx/1.14.2
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json
Vary
Accept-Encoding
Connection
keep-alive
X-XSS-Protection
1; mode=block
fr_CA
gnascension.ca/web/webclient/locale/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/web/webclient/locale/fr_CA
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/web/content/9999-72ae214/1/web.assets_common.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
7992df73b753d51e353416d4d6d978508d9862dc4b1e64cd34ad5a5b878b5729
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
Server
nginx/1.14.2
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Cache-Control
max-age=36000
Connection
keep-alive
X-XSS-Protection
1; mode=block
website_sale_stock_product_availability.xml
gnascension.ca/website_sale_stock/static/src/xml/ 		2 KB
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/website_sale_stock/static/src/xml/website_sale_stock_product_availability.xml
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/web/content/9999-72ae214/1/web.assets_common.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
c1ea811a3f37b4549ef804ba4f813a5726b990f9a7d789b6a517097bcfabf43d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
Server
nginx/1.14.2
Etag
W/"wzsdm-1665031492-1916-2284196276"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/xml
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=864000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 29 Oct 2023 01:05:17 GMT
YlEUkGX1_EI
www.youtube.com/embed/ Frame F7E2 		93 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
ESF /
Resource Hash
210468792a5811ea87922e5603127fcf4c7e18296c27e3f375ba3b4c176b89c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gnascension.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 01:05:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
piwik.js
matomo.koumbit.net/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://matomo.koumbit.net/piwik.js
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.58.80.27 , Canada, ASN7765 (KOUMBIT, CA),
Reverse DNS
matomo.koumbit.net
Software
Apache/2.4.56 (Debian) /
Resource Hash
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Strict-Transport-Security
max-age=63072000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Sep 2020 22:55:10 GMT
Server
Apache/2.4.56 (Debian)
Content-Encoding
gzip
ETag
"1131c-5aefd75cecf80-gzip"
Vary
Accept-Encoding
X-Hostname
matomo.koumbit.net
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
23691
Ascension-banner-2023.jpg
gnascension.ca/web/image/9989/ 		115 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnascension.ca/web/image/9989/Ascension-banner-2023.jpg
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
8da5bd91537dcfb7c3fe49632a418ac3183ad40f859d9932836d35525a284c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"d1ab633762d141aef7cf1c6c29e72ac6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
Fond.jpg
gnascension.ca/web/image/1056/ 		452 KB
452 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnascension.ca/web/image/1056/Fond.jpg
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
9fa118732bb1cff812869441cc85b8eac393740173234e47cfe7e20135618ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"26475a234f943e8dbc4b2e99405e5020"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
157591834_122055113255897_7017615075067667239_o.jpg
gnascension.ca/web/image/562/ 		296 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnascension.ca/web/image/562/157591834_122055113255897_7017615075067667239_o.jpg
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
32f09a12dcf1bc1c4bdb779bed09c08de2f6bbd8277fa23055acdfdda8532f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"e5eb6ee567e561722377156ac66d0d88"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
Fond.jpg
gnascension.ca/web/image/1364/ 		452 KB
452 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnascension.ca/web/image/1364/Fond.jpg
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
9fa118732bb1cff812869441cc85b8eac393740173234e47cfe7e20135618ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"26475a234f943e8dbc4b2e99405e5020"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
Butin.jpg
gnascension.ca/web/image/1396/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnascension.ca/web/image/1396/Butin.jpg
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
7553b41b2502d127722060868ad65d9871c47b8688f2aaa46e1bf6e76be92cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"251da7bbcbb1e9d9c6d75b43411cb170"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v22/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v22/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
9fba21cadf406469bf9bf6a18ed755edbd245f48efaaeb8a19ff6dff655aefdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gnascension.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:46:07 GMT
x-content-type-options
nosniff
age
472750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43380
x-xss-protection
0
last-modified
Tue, 30 May 2023 21:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 13:46:07 GMT
fontawesome-webfont.woff2
gnascension.ca/web/static/lib/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gnascension.ca/web/static/lib/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/web/content/9998-72ae214/1/web.assets_common.0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gnascension.ca/web/content/9998-72ae214/1/web.assets_common.0.css
Origin
https://gnascension.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Server
nginx/1.14.2
Etag
"wzsdm-1665031492-77160-2223376861"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
max-age=864000
Connection
keep-alive
Content-Length
77160
X-XSS-Protection
1; mode=block
Expires
Sun, 29 Oct 2023 01:05:17 GMT
Banderole5.jpg
gnascension.ca/web/image/5661/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnascension.ca/web/image/5661/Banderole5.jpg
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.89.212.158 Laval, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-mtrlpq3704w-grc-15-174-89-212-158.dsl.bell.ca
Software
nginx/1.14.2 /
Resource Hash
328177c8f88cde5ab5d5a08236a4ed8e3f437cbf7bb6d2dc0f35f58ca228026d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
ETag
W/"834272454dd1f17660a8c3985fb895a6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
page.php
www.facebook.com/plugins/ Frame 16C8 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/web/content/9999-72ae214/1/web.assets_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
12d3f409481d8bcb2f21569b226b5c803d85c6dd7cabcd131d4efcc44224d80e
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gnascension.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 01:05:17 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
NqXEW50bzXsa5vlsGcncIhNgP4b+p4pleA+sPR6nAIoSAzjke4cvvBkO5wJOSCvqGXAsCWRIE1BwwksxArhFHw==
x-xss-protection
0
piwik.php
matomo.koumbit.net/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matomo.koumbit.net/piwik.php?action_name=Home%20%7C%20Ascension&idsite=248&rec=1&r=599526&h=18&m=5&s=17&url=https%3A%2F%2Fgnascension.ca%2F&_id=d8ef381ba07ad0ec&_idts=1697677517&_idvc=1&_idn=1&_refts=0&_viewts=1697677517&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=125&pv_id=cta6Se
Requested by
Host: gnascension.ca
URL: https://gnascension.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.58.80.27 , Canada, ASN7765 (KOUMBIT, CA),
Reverse DNS
matomo.koumbit.net
Software
Apache/2.4.56 (Debian) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gnascension.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 01:05:17 GMT
Strict-Transport-Security
max-age=63072000; preload
X-Content-Type-Options
nosniff
Server
Apache/2.4.56 (Debian)
X-Hostname
matomo.koumbit.net
Content-Type
image/gif
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Content-Length
43
lvgwio4mCBw.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ Frame 16C8 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/lvgwio4mCBw.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
a4604d87057433564b847da035238cb997d7efcae12f0038140e000febf90baa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
OZmnAhTX4XSIJeK+VVD41w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5575
x-fb-debug
4Gk8u7CYe0klclj4AN9BX5sBpvQI4C/j57S30SjnQuztNTErZf0z9OTkrYv8JjwpKtf7/i1yg73M1otoeuSXPA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:36:15 GMT
JeAVSvamNTp.js
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 16C8 		350 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/JeAVSvamNTp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5a5c38d29e6eacc656c9400b9effd9d50ecd4b6166b5ed5a9d281eaac33f344
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ROcw4YNG/0biNIc64xypYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92941
x-fb-debug
w9zBfUVvEHd5xUlNgs4Rzh6nsDar1zQHk0JTrd4yfbRXx/F7eufZoMxPtqO07xSTmhGvU3WiTLZULsCHEoR38w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 17 Oct 2024 00:20:44 GMT
B6mAd5gypzO.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 16C8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/B6mAd5gypzO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
69ce44c850d3728d53a284cdc8a06a6afc745bd5462095e8ba5a6bb0f464ee8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
W/4zPDc5e10tqG6oIdpSHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1699
x-fb-debug
OPYmSpYK6EKaLM7CLXH3OzaRctUb2szsbsJsi66jz+cw5tgYi4DpFyuME9njD3etmIMSf2XYlmGSqms1C22Zig==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 07 Oct 2024 18:19:59 GMT
7ExlZRGXd6y.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 16C8 		96 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/7ExlZRGXd6y.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
f49ec31b0ac51a73696d93cf49497d02de83e8dc34fc515e7eebcca16711dbaa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+sqGq+ENKpCYyjIYiK7B6A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27885
x-fb-debug
nlTwunK+ce95eYQOcbAbyanoRh+NlqPtWHZc/pX7vYJJMAKPd1zXioHODOSpbcAsPXtTUBcn0UrR9acLEMI51w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 16 Oct 2024 00:36:00 GMT
kUHY057jBx2.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/ Frame 16C8 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/kUHY057jBx2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
49bb0a8b7867036d77e18545125628120fcb3c72e25a351e60aa14e649919ac4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8DFZuvywG2h7eEq6M7sX3A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29886
x-fb-debug
MC8Il72G6QjwDjaIJkqKpGwZGJjlHo/jePZZRf4UMN8093mEHGfvW28qk4bwXNHC2ajbj/Ng66GygBmn8xEEpA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 17 Oct 2024 15:06:45 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 16C8 		507 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
OFxz+kOYPWu+6MozgwogMZojjxyVFcgmolqi65FvDrlJGXB4PtAwXBCcj8tZbnX3veMteUgyOhjX4lrWxLUYCw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 05 Oct 2024 10:21:53 GMT
331054444_3104471853031400_8130188361807079303_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 16C8 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/331054444_3104471853031400_8130188361807079303_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=5f2048&_nc_ohc=1qopTU0iVOwAX_MAMp5&_nc_ht=scontent-yyz1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCbwDJiUH4XZ3TMmMjQhcpGB0G-z-NxGWH0l0O3YwMRzA&oe=6535652D
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
09675865d98cd1e41c0440173e924de92ed3f29e6e4d4b3b44e8b077feca186b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 14 Feb 2023 02:53:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2558398429
thrift_fmhk
GBBxt5ijmGQzmIZtGTWJzSkMFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2650535703
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
10575
334031544_756323582506873_1721642422508895687_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 16C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/334031544_756323582506873_1721642422508895687_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=5f2048&_nc_ohc=lr9jvlul9_8AX-mv1Le&_nc_ht=scontent-yyz1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfAPGMyOZYKyu7KMybAe-NGW-RfQ08uz8oSgWhwrhEzOTA&oe=65355AA8
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgnascension&show_facepile=false&small_header=false&tabs=&width=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
5061e7217598018d05af1683115ed657fb68a9e3a0d6ea3e89c17e2144492d97

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 27 Feb 2023 20:49:48 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3745842976
thrift_fmhk
GBArptKjpi/Lh/La1sn7KqwfFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1463853906
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1569
www-player.css
www.youtube.com/s/player/dd34ec3d/ Frame F7E2 		379 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dd34ec3d/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
2320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49033
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:52:21 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Oct 2024 00:26:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7E2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:43:28 GMT
x-content-type-options
nosniff
age
472909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 13:43:28 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7E2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:48:39 GMT
x-content-type-options
nosniff
age
472598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 13:48:39 GMT
embed.js
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/ Frame F7E2 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
dac38a2dc563760b6d72ad00392b1829308e286ada8bdb8940e0e17af44cd539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
2696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16923
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:52:21 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Oct 2024 00:20:21 GMT
www-embed-player.js
www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/ Frame F7E2 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:51:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97482
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:52:21 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Oct 2024 00:51:15 GMT
base.js
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/ Frame F7E2 		3 MB
800 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
20d8f1bb858f25e73854ca50ac0e68d257e398d46c44c6621b31065afc6bd75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
818653
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:52:21 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 17 Oct 2024 23:16:03 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 16C8 		573 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/lvgwio4mCBw.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/lvgwio4mCBw.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-debug
mpAdZ4+fXbdODbhl9h2t7ejOJMFILkrK01uecys0325YnbNSFp7nwgeKzY51FxtE8PPNfNzTOGOz2xzF+xp/Og==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Wed, 09 Oct 2024 10:13:58 GMT
id
googleads.g.doubleclick.net/pagead/ Frame F7E2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
1589e5e5c657e4d5a1f6cbbee9c6e4de9b2d20f06837e25d45d564d92fa3c611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Oct 2023 01:05:17 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F7E2 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f148.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:01:06 GMT
x-content-type-options
nosniff
age
251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 01:16:06 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 19 Oct 2023 01:05:17 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F7E2 		68 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
eca08441380d36294d5e49511fccc05f5978179b6df05da810a5de1a88b817a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32034
x-xss-protection
0
remote.js
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/ Frame F7E2 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
ccecee43a7746f2dce1a20b4844fe2747efc947064aa9f8f76a6dc2ffce87717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
2874
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33485
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:52:21 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Oct 2024 00:17:23 GMT
QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js
www.google.com/js/th/ Frame F7E2 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f99.1e100.net
Software
sffe /
Resource Hash
41c0002c3d1f2327a3af0770e386d06534a5d12fed7f1a48c23c359a7511ea22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
32031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14673
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 16:11:26 GMT
maxresdefault.jpg
i.ytimg.com/vi/YlEUkGX1_EI/ Frame F7E2 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/YlEUkGX1_EI/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f119.1e100.net
Software
sffe /
Resource Hash
580c36a36c0819946ef64907f11bef0a9c62218c9f9a4e5587370ce08454bf24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110667
x-xss-protection
0
server
sffe
etag
"1627373252"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Oct 2023 03:05:17 GMT
truncated
/ Frame F7E2 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
APkrFKY4RNI1Q2HyKjKnNHGtqw2Bf97fbtmXYMfc5ORBCQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F7E2 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKY4RNI1Q2HyKjKnNHGtqw2Bf97fbtmXYMfc5ORBCQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
fife /
Resource Hash
38e496315d47063b096393ffa2d27c66f9fe294c5b523fec5cb1a02e0e5b90ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v259"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4583
x-xss-protection
0
expires
Fri, 20 Oct 2023 01:05:17 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F7E2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 01:05:18 GMT
generate_204
www.youtube.com/ Frame F7E2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?IDKzkw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:05:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 19 Oct 2023 01:05:18 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F7E2 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
fba64188d5e95ef796e8eb5f63ada601f9a8415c079f9a916487c21167ef15e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 19 Oct 2023 01:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/118/ Frame F7E2 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/118/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14707
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 15:06:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 19 Oct 2023 23:11:16 GMT
log_event
www.youtube.com/youtubei/v1/ Frame F7E2 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-Goog-Request-Time
1697677519797
Content-Type
application/json
X-YouTube-Utc-Offset
-420
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/YlEUkGX1_EI?autoplay=0&rel=0&loop=1&playlist=YlEUkGX1_EI
X-YouTube-Client-Version
1.20231015.00.00
X-YouTube-Time-Zone
America/Vancouver
X-Goog-Visitor-Id
Cgs3SHZJeEdmMTc1TSjNgcKpBjIICgJDQRICGgA%3D
X-YouTube-Ad-Signals
dt=1697677517674&flash=0&frm=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C678%2C451&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 19 Oct 2023 01:05:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| odoo object| version object| QWeb2 function| _ function| moment function| $ function| jQuery function| Popper object| Util function| Alert function| Button object| jQuery1111019964683080873447 function| Carousel function| Collapse function| Dropdown function| Modal function| Tooltip function| Popover function| ScrollSpy function| Tab object| Select2 function| ClipboardJS number| ix object| vkbeautify object| d3 object| nv object| _paq object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

7 Cookies

Domain/Path Name / Value
gnascension.ca/ Name: frontend_lang
Value: fr_CA
gnascension.ca/ Name: session_id
Value: 375fb542efaa3146962fbdc479e2a3914f9834d1
gnascension.ca/ Name: im_livechat_history
Value: ["/"]
gnascension.ca/ Name: _pk_id.248.51f9
Value: d8ef381ba07ad0ec.1697677517.1.1697677517.1697677517.
gnascension.ca/ Name: _pk_ses.248.51f9
Value: 1
.youtube.com/ Name: YSC
Value: zQ_gE4HuJtI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 7HvIxGf175M

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gnascension.ca
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
matomo.koumbit.net
scontent-yyz1-1.xx.fbcdn.net
static.doubleclick.net
static.xx.fbcdn.net
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
142.250.31.95
142.251.16.132
142.251.16.136
172.253.115.95
172.253.122.156
172.253.122.94
172.253.62.99
172.253.63.119
172.253.63.148
174.89.212.158
199.58.80.27
31.13.66.19
31.13.66.35
31.13.80.12
09675865d98cd1e41c0440173e924de92ed3f29e6e4d4b3b44e8b077feca186b
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
0e2d30cb02882d288463564bfe01544b73c9fde4b99f213cf12a7a73d8495be5
12d3f409481d8bcb2f21569b226b5c803d85c6dd7cabcd131d4efcc44224d80e
1589e5e5c657e4d5a1f6cbbee9c6e4de9b2d20f06837e25d45d564d92fa3c611
1d3dab990b8b413cef74c2acd7d5d1f920183d1f5b755da6e80397986d163646
20d8f1bb858f25e73854ca50ac0e68d257e398d46c44c6621b31065afc6bd75f
210468792a5811ea87922e5603127fcf4c7e18296c27e3f375ba3b4c176b89c0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
328177c8f88cde5ab5d5a08236a4ed8e3f437cbf7bb6d2dc0f35f58ca228026d
32f09a12dcf1bc1c4bdb779bed09c08de2f6bbd8277fa23055acdfdda8532f09
38e496315d47063b096393ffa2d27c66f9fe294c5b523fec5cb1a02e0e5b90ba
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41c0002c3d1f2327a3af0770e386d06534a5d12fed7f1a48c23c359a7511ea22
462a1f6ffc9dee4557ee6d53aaeacbf14d2e22acdcce3025a7fb551dd853ab0a
485566975122dc7b6941c3766af8c8f0fed9344103cecd90a34221f6793629d0
49bb0a8b7867036d77e18545125628120fcb3c72e25a351e60aa14e649919ac4
5061e7217598018d05af1683115ed657fb68a9e3a0d6ea3e89c17e2144492d97
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
580c36a36c0819946ef64907f11bef0a9c62218c9f9a4e5587370ce08454bf24
5a3afe081c9d076c69d46d2811322fbd93d481e067cd128ccc5a9a7d638d94bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61043a6204ecbc84dc856f80056309ab65cc01a6fb093b63052a4bc51dc6f116
67decbe8dc0e38be67223ab515bb01b149b9ab2b94cea0b29dff957f71fe3964
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69ce44c850d3728d53a284cdc8a06a6afc745bd5462095e8ba5a6bb0f464ee8d
6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62
7553b41b2502d127722060868ad65d9871c47b8688f2aaa46e1bf6e76be92cea
7992df73b753d51e353416d4d6d978508d9862dc4b1e64cd34ad5a5b878b5729
8da5bd91537dcfb7c3fe49632a418ac3183ad40f859d9932836d35525a284c67
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9fa118732bb1cff812869441cc85b8eac393740173234e47cfe7e20135618ecc
9fba21cadf406469bf9bf6a18ed755edbd245f48efaaeb8a19ff6dff655aefdb
a4604d87057433564b847da035238cb997d7efcae12f0038140e000febf90baa
a805e99cf059c12baf73ce6968c700d1b1ac1cd8c9e9d58d529a50b02f11372e
ba3a7e105e2514a77dfcfab971304364a11d5e62ede7b39fe59edad8d042cd74
c1ea811a3f37b4549ef804ba4f813a5726b990f9a7d789b6a517097bcfabf43d
c5a5c38d29e6eacc656c9400b9effd9d50ecd4b6166b5ed5a9d281eaac33f344
ccecee43a7746f2dce1a20b4844fe2747efc947064aa9f8f76a6dc2ffce87717
d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dac38a2dc563760b6d72ad00392b1829308e286ada8bdb8940e0e17af44cd539
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eca08441380d36294d5e49511fccc05f5978179b6df05da810a5de1a88b817a5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f49ec31b0ac51a73696d93cf49497d02de83e8dc34fc515e7eebcca16711dbaa
fba64188d5e95ef796e8eb5f63ada601f9a8415c079f9a916487c21167ef15e7