urlscan.io logo urlscan.io
SecurityTrails logo

insecm.ca Open in urlscan Pro
35.192.27.186  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cis2022.ca/
Effective URL: https://insecm.ca/cis2022/
Submission: On April 08 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 1 countries across 21 domains to perform 72 HTTP transactions. The main IP is 35.192.27.186, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is insecm.ca.
TLS certificate: Issued by R3 on April 1st 2022. Valid for: 3 months.
This is the only time insecm.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.142.173 16509 (AMAZON-02)
2 26 35.192.27.186 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 69.28.157.216 22822 (LLNW)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 4 216.152.140.212 13768 (COGECO-PEER1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 50.112.26.20 16509 (AMAZON-02)
1 2 107.178.246.49 15169 (GOOGLE)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 23.195.109.72 16625 (AKAMAI-AS)
1 2 52.203.157.37 14618 (AMAZON-AES)
72 24
1    15.197.142.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
cis2022.ca
26    35.192.27.186 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 186.27.192.35.bc.googleusercontent.com
www.insecm.ca
insecm.ca
1    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:4006:80c::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2607:f8b0:4006:809::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    69.28.157.216 (United States)

ASN22822 (LLNW, US)
PTR: https-69-28-157-216.iad.llnw.net
up.pixel.ad
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2607:f8b0:4006:806::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:823::2006 (United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
4    216.152.140.212 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
1    2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2607:f8b0:4006:81c::2016 (United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    50.112.26.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-26-20.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
1    23.195.109.72 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-109-72.deploy.static.akamaitechnologies.com
sync.teads.tv
2    52.203.157.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-157-37.compute-1.amazonaws.com
sync.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
26 insecm.ca
www.insecm.ca
insecm.ca
944 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
692 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
397 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 4
54 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
jnn-pa.googleapis.com — Cisco Umbrella Rank: 272
23 KB
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3311
3 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1158
load77.exelator.com — Cisco Umbrella Rank: 3356
2 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
static.doubleclick.net — Cisco Umbrella Rank: 340
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 434
901 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
427 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1031
287 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
14 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
1 KB
1 pixel.ad
up.pixel.ad — Cisco Umbrella Rank: 9405
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
38 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
28 KB
1 cis2022.ca
cis2022.ca
276 B
72 21
Domain Requested by
25 insecm.ca 1 redirects insecm.ca
9 www.youtube.com insecm.ca
cdnjs.cloudflare.com
www.youtube.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
5 www.google.com insecm.ca
www.gstatic.com
www.google.com
www.youtube.com
4 pixel.sitescout.com 2 redirects insecm.ca
4 jnn-pa.googleapis.com www.youtube.com
4 www.gstatic.com www.google.com
www.gstatic.com
2 sync.crwdcntrl.net 1 redirects
2 loadm.exelator.com 2 redirects
2 pixel.tapad.com 1 redirects
2 dpm.demdex.net 1 redirects
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.facebook.com insecm.ca
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net insecm.ca
connect.facebook.net
1 sync.teads.tv insecm.ca
1 load77.exelator.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 up.pixel.ad insecm.ca
1 www.googletagmanager.com insecm.ca
1 cdnjs.cloudflare.com insecm.ca
1 fonts.googleapis.com insecm.ca
1 www.insecm.ca 1 redirects
1 cis2022.ca 1 redirects
72 26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.eventbrite.ca
www.canada.ca
Subject Issuer Validity Valid
insecm.ca
R3		 2022-04-01 -
2022-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.pixel.ad
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-01-26 -
2023-02-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-15 -
2022-04-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://insecm.ca/cis2022/
Frame ID: 4640771BCC067E724962DE1A24912FA5
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Frame ID: AC993A8DFC4E5CC509EC82A4ACA4FBF8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Frame ID: 55D60D832B9440CA92B264605477D09F
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
Frame ID: 8ABFE1DD9B613A750200B2E3E6BDCAD2
Requests: 8 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 9D0E18FA1E55BE8C610BC060D991BAAB
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BD73A31E70ECE35C2268BA21CC61A5F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Cybersecurity & Identity Summit - In-Sec-M

Page URL History Show full URLs

  1. http://cis2022.ca/ HTTP 302
    http://www.insecm.ca/cis2022/ HTTP 301
    http://insecm.ca/cis2022/ HTTP 301
    https://insecm.ca/cis2022/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

72
Requests

92 %
HTTPS

64 %
IPv6

21
Domains

26
Subdomains

24
IPs

1
Countries

2331 kB
Transfer

5553 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cis2022.ca/ HTTP 302
    http://www.insecm.ca/cis2022/ HTTP 301
    http://insecm.ca/cis2022/ HTTP 301
    https://insecm.ca/cis2022/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 56
  • https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Request Chain 57
  • https://pixel.sitescout.com/up/28aa1c9d82356cb2?cntr_url=https%3A%2F%2Finsecm.ca%2Fcis2022%2F HTTP 302
  • https://pixel.sitescout.com/up/28aa1c9d82356cb2?cookieQ=1&cntr_url=https%3A%2F%2Finsecm.ca%2Fcis2022%2F
Request Chain 64
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
Request Chain 65
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341
Request Chain 66
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 68
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=&ct=y

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
insecm.ca/cis2022/
Redirect Chain
  • http://cis2022.ca/
  • http://www.insecm.ca/cis2022/
  • http://insecm.ca/cis2022/
  • https://insecm.ca/cis2022/
74 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e7cb09e7a3c6375ae87f8693da5ce885ba07b52816f36a3746475a2bbc82648f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Apr 2022 13:48:28 GMT
link
<https://insecm.ca/?p=1374>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 08 Apr 2022 13:48:28 GMT
Keep-Alive
timeout=20
Location
https://insecm.ca/cis2022/
Server
nginx
style.min.css
insecm.ca/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 19:42:26 GMT
server
nginx
etag
W/"620ea522-145a9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
insecm.ca/wp-content/plugins/widget-countdown/includes/gutenberg/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/plugins/widget-countdown/includes/gutenberg/style.css?ver=5.9.2
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5df826698a35d17bae69ff4ec76cdf83bf94d3661075a6ca2ca7c10502c68558

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 16:51:22 GMT
server
nginx
etag
W/"61e6f00a-1307"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
styles.css
insecm.ca/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
834 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Fri, 20 Mar 2020 16:29:28 GMT
server
nginx
etag
W/"5e74ef68-695"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		3 KB
1020 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C700&display=swap&ver=5.9.2
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6e7be9092dc28b9518a011a318c81278b08ce200fd92af46aba16755e77d2e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 13:48:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 08 Apr 2022 13:48:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Apr 2022 13:48:28 GMT
foundation.min.css
insecm.ca/wp-content/themes/insecm/assets/css/ 		106 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/themes/insecm/assets/css/foundation.min.css?ver=1617292906
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
86676c4ff1f466904248630baf892edcb490d5e26997510e014a18e88fec0f21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Thu, 01 Apr 2021 16:01:46 GMT
server
nginx
etag
W/"6065ee6a-1a70a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
insecm.ca/wp-content/themes/insecm/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/themes/insecm/assets/css/style.min.css?ver=1642525325
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
da287375fd1fa7674bdcdf6b1807a4404a30287b82a8651b26781fadef079f80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 17:02:05 GMT
server
nginx
etag
W/"61e6f28d-2061"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js?ver=3.4.1
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
314302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27748
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WatrOFGRezsQBmTM5k1ytG1TRD8LXOELuKCyKbjQ%2BkTRuoHD5Zu7Yf9r8TEbaCV30ZeSvmGnO%2B59vs9%2FtmQSP7Y6ZfE6hf5u7gYkdlqgxCB3Qs6A1dQdWR5LxDwR1x0lHszzjX%2BfZGWy3IUw1yRxSMTC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f8b75f60a85713c-YUL
expires
Wed, 29 Mar 2023 13:48:28 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-115085904-1
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cd1f535ef6966551b2b199d9ae9225252bd447b9e34da41f7afc78d623cb73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38067
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Apr 2022 13:48:28 GMT
logo-can-72-01.png
insecm.ca/wp-content/uploads/2021/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2021/03/logo-can-72-01.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
18ae904db153ad91d8045ba29889be60052ce898618c42b5900d415e2bf418c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Mon, 01 Mar 2021 16:35:29 GMT
server
nginx
etag
"603d17d1-aa3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2723
style.css
insecm.ca/wp-content/plugins/widget-countdown/includes/style/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/plugins/widget-countdown/includes/style/style.css?ver=5.9.2
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
724af2e590bc3edd66e2d8873f44006ecbf3e5c9e632e04b32b35f7b9421d4af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 16:51:22 GMT
server
nginx
etag
W/"61e6f00a-111e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
dashicons.min.css
insecm.ca/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-includes/css/dashicons.min.css?ver=5.9.2
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
thickbox.css
insecm.ca/wp-includes/js/thickbox/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-includes/js/thickbox/thickbox.css?ver=5.9.2
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Mon, 26 Oct 2020 02:25:09 GMT
server
nginx
etag
W/"5f963385-a63"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
scripts.js
insecm.ca/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Fri, 20 Mar 2020 16:29:28 GMT
server
nginx
etag
W/"5e74ef68-3868"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
api.js
www.google.com/recaptcha/ 		884 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&ver=3.0
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9d41fda26da5a1f2db2f1cadfe36d7651a002314fd2e2c16d020627c8e361a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Fri, 08 Apr 2022 13:48:28 GMT
global.min.js
insecm.ca/wp-content/themes/insecm/assets/js/ 		144 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/themes/insecm/assets/js/global.min.js?ver=1584721767
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a5d1ab501ff9f0a41fb0538bd468fde8d78c670abe9ff12c080f9056d75faee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Fri, 20 Mar 2020 16:29:27 GMT
server
nginx
etag
W/"5e74ef67-24128"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
front_end_js.js
insecm.ca/wp-content/plugins/widget-countdown/includes/javascript/ 		2 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-content/plugins/widget-countdown/includes/javascript/front_end_js.js?ver=5.9.2
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b61d9e3f2b9cb5c965c65109a820a249d72433c63c2a8c68f7f7b3005e12bfc2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 16:51:22 GMT
server
nginx
etag
W/"61e6f00a-96c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
thickbox.js
insecm.ca/wp-includes/js/thickbox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insecm.ca/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 10:54:06 GMT
server
nginx
etag
W/"6034dece-338a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
up.js
up.pixel.ad/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://up.pixel.ad/assets/up.js?um=1
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-157-216.iad.llnw.net
Software
AC1.1 /
Resource Hash
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 16:22:21 GMT
server
AC1.1
age
546197
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1550
x-llid
d84623266ff03d22953bdfdc01025a90
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
WoBfiUHjG4QKweE4/LMkqiD0tezGlf8qy85bQ+RqY7g8u8lDjur9qO8/E049vBwJjuB2XmLIp4GFyGKy9Pr1Hg==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Fri, 08 Apr 2022 13:48:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v11/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v11/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C700&display=swap&ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://insecm.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:37:53 GMT
x-content-type-options
nosniff
age
151835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21144
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:06:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:37:53 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v11/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v11/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C700&display=swap&ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://insecm.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 20:03:47 GMT
x-content-type-options
nosniff
age
150281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21724
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:06:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 20:03:47 GMT
bg-side.png
insecm.ca/wp-content/themes/insecm/assets/img/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/themes/insecm/assets/img/bg-side.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/wp-content/themes/insecm/assets/css/style.min.css?ver=1642525325
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
43ed8bd78c1d2b2874cfd35ab1793c83240a193a4f9c345ef7be456205a0ed8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/wp-content/themes/insecm/assets/css/style.min.css?ver=1642525325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Fri, 20 Mar 2020 16:29:27 GMT
server
nginx
etag
"5e74ef67-b983"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
47491
cis-2022-2.jpg
insecm.ca/wp-content/uploads/2022/01/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2022/01/cis-2022-2.jpg
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
24b3f5b1ea35fd6b603069305d5b47abde647c00f818bab08aceba081e7e55f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Tue, 18 Jan 2022 16:11:35 GMT
server
nginx
etag
"61e6e6b7-2dcff"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
187647
CIS-One-Pager3-1.png
insecm.ca/wp-content/uploads/2022/04/ 		394 KB
395 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2022/04/CIS-One-Pager3-1.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a183f3e8b098a1420b6027b321b75ec25c0d1b762135360ba987c7bd04e7ebc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Tue, 05 Apr 2022 16:00:30 GMT
server
nginx
etag
"624c679e-6284a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
403530
okta_logo.png
insecm.ca/wp-content/uploads/2022/04/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2022/04/okta_logo.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
608691551856d70f30aec42af63da7ae59200bac1c2f50920954723db6a209c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Tue, 05 Apr 2022 14:37:05 GMT
server
nginx
etag
"624c5411-56ce"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22222
interac-125x125.png
insecm.ca/wp-content/uploads/2022/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2022/04/interac-125x125.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7c856ad61db6758c2105ba53288f32f394124b869bf05cabc5db49049cb68d22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Tue, 05 Apr 2022 14:39:01 GMT
server
nginx
etag
"624c5485-1765"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5989
luncheon-2.png
insecm.ca/wp-content/uploads/2022/04/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2022/04/luncheon-2.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dde3934c741612729d17bf2bed46f1da1e9c7e9b840230a3285d319b0e9d32e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Tue, 05 Apr 2022 14:47:51 GMT
server
nginx
etag
"624c5697-6948"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
26952
Ethey-Logo-01-300x152.png
insecm.ca/wp-content/uploads/2022/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2022/04/Ethey-Logo-01-300x152.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
776550c7c17a30f0e7edf14b7a87067c2eee64801c67259633f0e3815eed2e7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Tue, 05 Apr 2022 14:44:51 GMT
server
nginx
etag
"624c55e3-17ac"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6060
sponsors2022.png
insecm.ca/wp-content/uploads/2022/03/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2022/03/sponsors2022.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c7efb6ad7e524a04d3cdf82f067d2edd4bb3a628f8d1d29aa7fc14557d187026

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Mon, 14 Mar 2022 14:52:56 GMT
server
nginx
etag
"622f56c8-15bf0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
89072
im-sponsors_support-2.png
insecm.ca/wp-content/uploads/2021/04/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-content/uploads/2021/04/im-sponsors_support-2.png
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d770c95312914ded200ca8ba324dd25e41fe7520d0331400ef520ee70743ba75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Thu, 08 Apr 2021 20:30:40 GMT
server
nginx
etag
"606f67f0-5a11"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23057
mqFiyXVhZu4
www.youtube.com/embed/ Frame AC99 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insecm.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 08 Apr 2022 13:48:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ 		359 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insecm.ca/
Origin
https://insecm.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 01:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144472
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 01:10:25 GMT
960789234678564
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/960789234678564?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7febef06c30c57f8768c8d3c41be34476d6b08d8c1ed05c8573d200601ede10c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
lycqsWM/7Ho5duOJgxEbPuqdqnnUFy3IzA5Ne7rf3A6MRtqLxPa65uReP0HAAg9NX+xsWii6CNvbw1InjEETVw==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 08 Apr 2022 13:48:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
mqFiyXVhZu4
www.youtube.com/embed/ Frame 55D6 		59 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js?ver=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93f784bfbd4f4da6273d9c7504f8b856b7b155d7925708af9662b970b9538ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insecm.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 08 Apr 2022 13:48:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
loadingAnimation.gif
insecm.ca/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insecm.ca/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.27.186 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.27.192.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/cis2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Mon, 05 Nov 2012 21:00:15 GMT
server
nginx
etag
"509828df-3b86"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15238
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115085904-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3872
date
Fri, 08 Apr 2022 12:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 08 Apr 2022 14:43:56 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8ABF 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6de6eae278792a05b45140bb834f0eff43432b01a0725fe41a363c25452aaa4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BPEg1UPwPNnZBWLLNkUGXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://insecm.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21748
content-security-policy
script-src 'report-sample' 'nonce-BPEg1UPwPNnZBWLLNkUGXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Apr 2022 13:48:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=960789234678564&ev=PageView&dl=https%3A%2F%2Finsecm.ca%2Fcis2022%2F&rl=&if=false&ts=1649425708901&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649425708894.247781788&it=1649425708695&coo=false&exp=p0&rqm=GET
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 08 Apr 2022 13:48:28 GMT
www-player.css
www.youtube.com/s/player/3b5d5649/ Frame 55D6 		346 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3b5d5649/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
82332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47442
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:16 GMT
www-embed-player.js
www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/ Frame 55D6 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
82331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87898
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:17 GMT
base.js
www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/ Frame 55D6 		2 MB
524 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb02548ba0c0ccbec95c6c882292f888d5b861e3679a02d68a76340572c820d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
82332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
536919
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:16 GMT
fetch-polyfill.js
www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/ Frame 55D6 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
82332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:16 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=564924797&t=pageview&_s=1&dl=https%3A%2F%2Finsecm.ca%2Fcis2022%2F&ul=en-us&de=UTF-8&dt=Online%20Cybersecurity%20%26%20Identity%20Summit%20-%20In-Sec-M&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=693858464&gjid=231204362&cid=1195995526.1649425709&tid=UA-115085904-1&_gid=1482821803.1649425709&_r=1&gtm=2ou3u0&z=621628066
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://insecm.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 13:48:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://insecm.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 55D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 11:41:34 GMT
x-content-type-options
nosniff
age
266814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 11:41:34 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 8ABF 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 01:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 01:10:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 8ABF 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 01:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144472
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 01:10:25 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8ABF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 17:24:45 GMT
x-content-type-options
nosniff
age
73424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 14 Apr 2022 17:24:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8ABF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 11:41:34 GMT
x-content-type-options
nosniff
age
266815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 11:41:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8ABF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:40:58 GMT
x-content-type-options
nosniff
age
151651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:40:58 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 55D6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H3
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a4f96d19cf748401808f391fc3eeffcfbf0984ba60ca05c22c30b0007e0f954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 08 Apr 2022 13:48:29 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 55D6 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:47:06 GMT
x-content-type-options
nosniff
age
83
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Apr 2022 14:02:06 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8ABF 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c74939ca24c142579238ecb4998957ff5cb87e4e1f3e64a18c8603f6e0dda584
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Fri, 08 Apr 2022 13:48:29 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 08 Apr 2022 13:48:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 55D6 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
875cfe9007601217e6e57a1218af8c07ea3715522e90546f5ec26372a75ff073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22341
x-xss-protection
0
e3At_1l0MfCxhkz_yjRHg9bLObo4Yqlh-n8OLMp9ym8.js
www.google.com/js/th/ Frame 55D6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/e3At_1l0MfCxhkz_yjRHg9bLObo4Yqlh-n8OLMp9ym8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b702dff597431f0b1864cffca344783d6cb39ba3862a961fa7f0e2cca7dca6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:14:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13757
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 13:14:58 GMT
embed.js
www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/ Frame 55D6 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49d7042e935669557171ff2881daa34c9fc70f1d8a5ac0ef309329e90eeb80c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
82332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:17 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 9D0E
Redirect Chain
  • https://pixel.sitescout.com/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
216.152.140.212 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
2892acf5a7bda258c5751124637a557b7fea63225e221abc213326c17275804e

Request headers

Referer
https://insecm.ca/cis2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
content-length
1158
content-type
text/html;charset=UTF-8
date
Fri, 08 Apr 2022 13:48:28 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
date
Fri, 08 Apr 2022 13:48:29 GMT
location
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server
AC1.1
28aa1c9d82356cb2
pixel.sitescout.com/up/
Redirect Chain
  • https://pixel.sitescout.com/up/28aa1c9d82356cb2?cntr_url=https%3A%2F%2Finsecm.ca%2Fcis2022%2F
  • https://pixel.sitescout.com/up/28aa1c9d82356cb2?cookieQ=1&cntr_url=https%3A%2F%2Finsecm.ca%2Fcis2022%2F
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/up/28aa1c9d82356cb2?cookieQ=1&cntr_url=https%3A%2F%2Finsecm.ca%2Fcis2022%2F
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Server
216.152.140.212 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insecm.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 13:48:29 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/up/28aa1c9d82356cb2?cookieQ=1&cntr_url=https%3A%2F%2Finsecm.ca%2Fcis2022%2F
date
Fri, 08 Apr 2022 13:48:28 GMT
server
AC1.1
content-length
0
truncated
/ Frame 55D6 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRRQtru-b0Hdx0RrOwRpHnTNYZo27D-2-VdGCHTpn1hX7NITvc0tx5QiFnb140m=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 55D6 		880 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRRQtru-b0Hdx0RrOwRpHnTNYZo27D-2-VdGCHTpn1hX7NITvc0tx5QiFnb140m=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
73c3563d26a499bb02d5a6d5a1070cbaee9324222e607e557dfdc45bcf6acc41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:06:18 GMT
x-content-type-options
nosniff
server
fife
age
2531
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
880
x-xss-protection
0
expires
Sat, 09 Apr 2022 13:06:18 GMT
sddefault.webp
i.ytimg.com/vi_webp/mqFiyXVhZu4/ Frame 55D6 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/mqFiyXVhZu4/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2016 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4366a2e58d880175c748d352e72e8d661b261697c8422ed3b087a3610d41194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13582
x-xss-protection
0
server
sffe
etag
"1641402960"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 08 Apr 2022 15:48:29 GMT
/
www.facebook.com/tr/ Frame BD73 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://insecm.ca
Referer
https://insecm.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://insecm.ca
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 08 Apr 2022 13:48:29 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
reload
www.google.com/recaptcha/api2/ Frame 8ABF 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8b2a74b97a2aafea800d23d46b7c2d3e9135f0bda597bc8ab8782b4880351a01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfnSwaAAAAAD5TVBjXjRDf-aD7BU1bZJpPvplN&co=aHR0cHM6Ly9pbnNlY20uY2E6NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=x6x51apicd0d
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18184
x-xss-protection
1; mode=block
expires
Fri, 08 Apr 2022 13:48:29 GMT
generate_204
www.youtube.com/ Frame 55D6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?j-iyXw
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 9D0E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
50.112.26.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-26-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v027-089b1b542.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mLhBqpSuQsU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v027-03160bf55.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+sfx0KUIQuQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
check
pixel.tapad.com/idsync/ex/receive/ Frame 9D0E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341
date
Fri, 08 Apr 2022 13:48:29 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pixel.gif
load77.exelator.com/ Frame 9D0E
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Fri, 08 Apr 2022 13:48:30 GMT
x-age-lb
19
x-77-nzt-ray
x8dmT5ilmSo
x-77-cache
HIT
content-length
43
x-cache
HIT
x-age
323375
x-77-nzt
Alm7sQ+PjAz/L+8EAJySO+jLG7X/EwAAAA
x-lb-ip
156.146.59.232
x-cache-lb
HIT
x-accel-expires
@1650139135
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-lb-pop
newyorkUSNY
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
expires
Fri, 15 Jan 2021 19:58:16 GMT

Redirect headers

date
Fri, 08 Apr 2022 13:48:29 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
um
sync.teads.tv/ Frame 9D0E 		23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=73&uid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
Requested by
Host: insecm.ca
URL: https://insecm.ca/cis2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.109.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-109-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 13:48:29 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 08 Apr 2022 13:48:29 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
qmap
sync.crwdcntrl.net/ Frame 9D0E
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=&ct=y
49 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=&ct=y
Protocol
H2
Server
52.203.157.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-157-37.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 13:48:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.103
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Apr 2022 13:48:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d510af0e-3af5-4a65-aec7-f6eb47df88b7-62503d2d-4341&gdpr=&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.40.11.142
content-length
0
expires
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 08 Apr 2022 13:48:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 55D6 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9b3f8d4f369015b38d0e812d0d5a2ac1e24ff7c36791c8917f0b6aa8e146b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 08 Apr 2022 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 55D6 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/mqFiyXVhZu4?controls=0
X-YouTube-Client-Version
1.20220406.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt3YW9LRzltbURsbyis-sCSBg%3D%3D
X-YouTube-Ad-Signals
dt=1649425709124&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 08 Apr 2022 13:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| gtag object| dataLayer function| fbq function| _fbq object| wpcf7 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Foundation function| countdown_wpdevart_timer function| wpdevart_countdown_animated_element function| wpdevart_countdown_isScrolledIntoView object| thickboxL10n string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| cntrUpTag object| google_tag_manager object| imgLoader object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| closure_lm_246495 object| gaplugins object| gaGlobal object| gaData

23 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AG0dS7t9N9L6k8TKJ8N0kfKHX8ZpX9FcwmJi_wBjbOf5tbwcXUDqrPflNgrH36t2GM7MxeR90ReD-CPJvqf4HJc
insecm.ca/ Name: pll_language
Value: en
.youtube.com/ Name: YSC
Value: x7-acfee7Zk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: waoKG9mmDlo
.insecm.ca/ Name: _fbp
Value: fb.1.1649425708894.247781788
.insecm.ca/ Name: _ga
Value: GA1.2.1195995526.1649425709
.insecm.ca/ Name: _gid
Value: GA1.2.1482821803.1649425709
.insecm.ca/ Name: _gat_gtag_UA_115085904_1
Value: 1
.facebook.com/ Name: fr
Value: 0oMdOvC5NisvbMGsl..BiUD0s...1.0.BiUD0s.
.sitescout.com/ Name: _ssuma
Value: eyIzNCI6MTY0OTQyNTcwOTQ1NCwiMiI6MTY0OTQyNTcwOTQ1NCwiNCI6MTY0OTQyNTcwOTQ1NCwiMzkiOjE2NDk0MjU3MDk0NTQsIjciOjE2NDk0MjU3MDk0NTR9
.sitescout.com/ Name: ssi
Value: f65e6eab-de9b-4227-b909-a11b9ec98890#1649425709439
.tapad.com/ Name: TapAd_TS
Value: 1649425709649
.tapad.com/ Name: TapAd_DID
Value: 81b99b04-ba7c-4255-8b9f-fb1018203d9d
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.teads.tv/ Name: tt_viewer
Value: ecea23b7-230e-423e-ad5f-b114dd206319
.exelator.com/ Name: EE
Value: "b0c6f244935e4c01714a2240cdbd5f2d"
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: ea93209be7945434d66e89a26982deff
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSE20NDYysExKNbc0MTUxNkkxM0u1sEw0MrO0MEpJTUtjAIKkAFtdEA0FAEYBCew%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBICrDVBVJQAAAOSQEd"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHJINkszcjExNLYNNUk2cDQ3NAk0cjIxCA5JSnFNM0oZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYEl%252BUWb6ImfHxUUpaQyLSopPBR9g2Q4AlNMp8A%253D%253D"
.demdex.net/ Name: demdex
Value: 47384343871558325261872456499890287075
.dpm.demdex.net/ Name: dpm
Value: 47384343871558325261872456499890287075

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cis2022.ca
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
insecm.ca
jnn-pa.googleapis.com
load77.exelator.com
loadm.exelator.com
pixel.sitescout.com
pixel.tapad.com
static.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
up.pixel.ad
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.insecm.ca
www.youtube.com
yt3.ggpht.com
107.178.246.49
15.197.142.173
216.152.140.212
23.195.109.72
2606:4700::6811:180e
2607:f8b0:4006:806::2003
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2004
2607:f8b0:4006:80c::2008
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81c::2016
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2006
2a02:6ea0:c400::12
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.229.3.43
35.192.27.186
50.112.26.20
52.203.157.37
69.28.157.216
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a5d1ab501ff9f0a41fb0538bd468fde8d78c670abe9ff12c080f9056d75faee
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18ae904db153ad91d8045ba29889be60052ce898618c42b5900d415e2bf418c0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
24b3f5b1ea35fd6b603069305d5b47abde647c00f818bab08aceba081e7e55f2
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2892acf5a7bda258c5751124637a557b7fea63225e221abc213326c17275804e
2a4f96d19cf748401808f391fc3eeffcfbf0984ba60ca05c22c30b0007e0f954
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3cd1f535ef6966551b2b199d9ae9225252bd447b9e34da41f7afc78d623cb73e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43ed8bd78c1d2b2874cfd35ab1793c83240a193a4f9c345ef7be456205a0ed8a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5df826698a35d17bae69ff4ec76cdf83bf94d3661075a6ca2ca7c10502c68558
608691551856d70f30aec42af63da7ae59200bac1c2f50920954723db6a209c9
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de6eae278792a05b45140bb834f0eff43432b01a0725fe41a363c25452aaa4a
724af2e590bc3edd66e2d8873f44006ecbf3e5c9e632e04b32b35f7b9421d4af
73c3563d26a499bb02d5a6d5a1070cbaee9324222e607e557dfdc45bcf6acc41
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
776550c7c17a30f0e7edf14b7a87067c2eee64801c67259633f0e3815eed2e7f
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
7b702dff597431f0b1864cffca344783d6cb39ba3862a961fa7f0e2cca7dca6f
7c856ad61db6758c2105ba53288f32f394124b869bf05cabc5db49049cb68d22
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7febef06c30c57f8768c8d3c41be34476d6b08d8c1ed05c8573d200601ede10c
86676c4ff1f466904248630baf892edcb490d5e26997510e014a18e88fec0f21
875cfe9007601217e6e57a1218af8c07ea3715522e90546f5ec26372a75ff073
8b2a74b97a2aafea800d23d46b7c2d3e9135f0bda597bc8ab8782b4880351a01
924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0
93f784bfbd4f4da6273d9c7504f8b856b7b155d7925708af9662b970b9538ed6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a183f3e8b098a1420b6027b321b75ec25c0d1b762135360ba987c7bd04e7ebc6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b61d9e3f2b9cb5c965c65109a820a249d72433c63c2a8c68f7f7b3005e12bfc2
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b9d41fda26da5a1f2db2f1cadfe36d7651a002314fd2e2c16d020627c8e361a3
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c74939ca24c142579238ecb4998957ff5cb87e4e1f3e64a18c8603f6e0dda584
c7efb6ad7e524a04d3cdf82f067d2edd4bb3a628f8d1d29aa7fc14557d187026
d4366a2e58d880175c748d352e72e8d661b261697c8422ed3b087a3610d41194
d770c95312914ded200ca8ba324dd25e41fe7520d0331400ef520ee70743ba75
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da287375fd1fa7674bdcdf6b1807a4404a30287b82a8651b26781fadef079f80
dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789
dde3934c741612729d17bf2bed46f1da1e9c7e9b840230a3285d319b0e9d32e0
e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e7be9092dc28b9518a011a318c81278b08ce200fd92af46aba16755e77d2e5
e7cb09e7a3c6375ae87f8693da5ce885ba07b52816f36a3746475a2bbc82648f
e9b3f8d4f369015b38d0e812d0d5a2ac1e24ff7c36791c8917f0b6aa8e146b41
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49d7042e935669557171ff2881daa34c9fc70f1d8a5ac0ef309329e90eeb80c
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fb02548ba0c0ccbec95c6c882292f888d5b861e3679a02d68a76340572c820d4