lp.canadianvisaexpert.com Open in urlscan Pro
2606:4700:10::ac43:698 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mautic.pro-immigration.org/r/efde177ce3727c921df0d5c2f?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY2FtcGFpZ24uZXZlbnQiO...
Effective URL:
https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Submission Tags: falconsandbox
Submission: On December 15 via api (December 15th 2022, 12:40:45 pm UTC) from US — Scanned from DE

Summary HTTP 120 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 21 domains to perform 120 HTTP transactions. The main IP is 2606:4700:10::ac43:698, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp.canadianvisaexpert.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 7th 2022. Valid for: a year.

This is the only time lp.canadianvisaexpert.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:39fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 60	2606:4700:10:... 2606:4700:10::ac43:698	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	23.36.163.137 23.36.163.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	52.72.186.224 52.72.186.224	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	163.171.129.134 163.171.129.134	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
120	26

1 2606:4700:10::6816:39fc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mautic.pro-immigration.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2606:4700:10::ac43:698 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

payments.canadianvisaexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.canadianvisaexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-137.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.186.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-186-224.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 163.171.129.134 (United Kingdom)

ASN54994 (QUANTILNETWORKS, US)

lp-api.lpactivityexperts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nodejs.shopping-basket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	canadianvisaexpert.com 1 redirects payments.canadianvisaexpert.com lp.canadianvisaexpert.com	466 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 73	810 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	132 KB
5	lpactivityexperts.com lp-api.lpactivityexperts.com	76 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	283 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 jnn-pa.googleapis.com — Cisco Umbrella Rank: 182	32 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 202	2 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 792	101 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 937 trc.taboola.com — Cisco Umbrella Rank: 664 trc-events.taboola.com — Cisco Umbrella Rank: 1573	20 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	37 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	quora.com a.quora.com — Cisco Umbrella Rank: 7213 q.quora.com — Cisco Umbrella Rank: 3424	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	112 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 68	18 KB
1	shopping-basket.biz nodejs.shopping-basket.biz	282 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 82	77 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6041	501 B
1	pro-immigration.org 1 redirects mautic.pro-immigration.org	596 B
0	c-r.cc Failed c-r.cc Failed
120	21

	Domain	Requested by
59	lp.canadianvisaexpert.com	lp.canadianvisaexpert.com client
9	www.youtube.com	lp.canadianvisaexpert.com www.youtube.com
5	lp-api.lpactivityexperts.com	lp.canadianvisaexpert.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	www.googletagmanager.com	lp.canadianvisaexpert.com www.googletagmanager.com
4	jnn-pa.googleapis.com	www.youtube.com
4	analytics.tiktok.com	lp.canadianvisaexpert.com analytics.tiktok.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	trc-events.taboola.com	cdn.taboola.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.com	www.youtube.com lp.canadianvisaexpert.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	lp.canadianvisaexpert.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	lp.canadianvisaexpert.com connect.facebook.net
1	lh3.googleusercontent.com	lp.canadianvisaexpert.com
1	nodejs.shopping-basket.biz	lp.canadianvisaexpert.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.de	lp.canadianvisaexpert.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	q.quora.com	lp.canadianvisaexpert.com
1	trc.taboola.com	cdn.taboola.com
1	a.quora.com	lp.canadianvisaexpert.com
1	cdn.taboola.com	lp.canadianvisaexpert.com
1	fonts.googleapis.com	lp.canadianvisaexpert.com
1	payments.canadianvisaexpert.com	1 redirects
1	mautic.pro-immigration.org	1 redirects
0	c-r.cc Failed	lp.canadianvisaexpert.com
120	30

This site contains no links.

Subject Issuer	Validity	Valid
canadianvisaexpert.com Go Daddy Secure Certificate Authority - G2	`2022-11-07` - `2023-12-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-23` - `2022-12-22`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
quora.com R3	`2022-11-13` - `2023-02-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.quora.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
support17perf.cdnetworks.net GlobalSign RSA OV SSL CA 2018	`2022-11-11` - `2023-10-28`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Frame ID: 1FAC5846FB1DE9118376525143F37E76
Requests: 98 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MtV2OdpT3jE
Frame ID: 69765062ABAD3D8C66C5F2C57A12F902
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canadian Visa Experts | Register

Page URL History Show full URLs

https://mautic.pro-immigration.org/r/efde177ce3727c921df0d5c2f?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY... HTTP 302
https://payments.canadianvisaexpert.com/Handlers/registerHandler.ashx?utm_outsource=1&utm_sub=0&ccopen=1&utm_cid=4&u... HTTP 302
https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

120
Requests

98 %
HTTPS

77 %
IPv6

21
Domains

30
Subdomains

26
IPs

6
Countries

2202 kB
Transfer

5727 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mautic.pro-immigration.org/r/efde177ce3727c921df0d5c2f?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY2FtcGFpZ24uZXZlbnQiO2k6MTtpOjE4OTY7fXM6NToiZW1haWwiO2k6MTE5O3M6NDoic3RhdCI7czoyMjoiNjM5YWQ2YzVkNDI0Mjc0MTI1NTkzNyI7czo0OiJsZWFkIjtzOjc6IjIyNjQyMTYiO3M6NzoiY2hhbm5lbCI7YToxOntzOjU6ImVtYWlsIjtpOjExOTt9fQ%3D%3D HTTP 302
https://payments.canadianvisaexpert.com/Handlers/registerHandler.ashx?utm_outsource=1&utm_sub=0&ccopen=1&utm_cid=4&utm_u=&utm_p=&utm_af=_emccan0510_MT&utm_source=MAUTIC&utm_medium=email&utm_term=lp_payment&utm_campaign=MAUTIC_CVE_Activate_Your_Application_USD05_10_EN&utm_content=canada_personal_activate_your_application_4usafis HTTP 302
https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

120 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lp.canadianvisaexpert.com/lp/cve/register_sub0/
Redirect Chain

https://mautic.pro-immigration.org/r/efde177ce3727c921df0d5c2f?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY2FtcGFpZ24uZXZlbnQiO2k6MTtpOjE4OTY7fXM6NToiZW1haWwiO2k6MTE5O3M6NDoic3RhdCI7czoyMjoiNjM...
https://payments.canadianvisaexpert.com/Handlers/registerHandler.ashx?utm_outsource=1&utm_sub=0&ccopen=1&utm_cid=4&utm_u=&utm_p=&utm_af=_emccan0510_MT&utm_source=MAUTIC&utm_medium=email&utm_term=lp...
https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

11 KB
3 KB

324ms
288ms

Document
text/html

2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6bea8fc60434a98a3a0f11534bac6e6924e27df70392e8394f7191bf116e2f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 779f3fb8bffd9be8-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 15 Dec 2022 12:40:38 GMT
last-modified: Mon, 12 Dec 2022 14:00:17 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 779f3fb149719be8-FRA
content-type: text/html; charset=utf-8
date: Thu, 15 Dec 2022 12:40:38 GMT
location: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
server: cloudflare

GET
H2 200 relativeValidations.css
lp.canadianvisaexpert.com/lp/Shared/ 1 KB
767 B 39ms
37ms Stylesheet
text/css 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/relativeValidations.css
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 11abc8b715ea5cdaf3fa5f61b70cb7307628a320e5f57d051e4e50df10aec3fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 12 Dec 2021 08:53:22 GMT
server: cloudflare
age: 597533
etag: "11eb89b735efd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbbadef9be8-FRA
content-length: 620

GET
H2 200 style.css
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 19 KB
5 KB 57ms
54ms Stylesheet
text/css 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc6f3b9cfbf0c629b5b72d28023fc93652a183da8e0939bbf7314d5a7abfafe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:05:28 GMT
server: cloudflare
age: 597534
etag: "3ffd948b48e8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbbadf29be8-FRA
content-length: 4752

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Amiri:wght@400;700&family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

698621e2cf4d18f838442512fda1eb1c02f775cbd2c40f5fdd16f075ad1cc11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 12:40:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H2 200 Translations.js Show response
lp.canadianvisaexpert.com/lp/cve/register_sub0/ 4 KB
2 KB 93ms
92ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Translations.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fb8de6f5f1ba6c137829e748e048ab6c40722f05e55ca945261b1ff1625d6460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:17 GMT
server: cloudflare
age: 3787
etag: "e947f61032ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc0ec39be8-FRA
content-length: 2101

GET
H2 200 settings.js Show response
lp.canadianvisaexpert.com/lp/cve/ 1 KB
640 B 79ms
79ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/cve/settings.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a1001dce5c06c045a1c0f2156150e7cbb3b83b77215c37eb5cb1863ea26d03eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 06 Jul 2022 08:05:48 GMT
server: cloudflare
age: 597533
etag: "51807233f91d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc2eed9be8-FRA
content-length: 539

GET
H2 200 init.js Show response
lp.canadianvisaexpert.com/lp/Shared/ 14 KB
6 KB 75ms
73ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/init.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 30e13cbaf6f40327f6b6bf1e1d8ef790a4bb19c7dce37b3ea787afee91040eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Sep 2022 14:25:37 GMT
server: cloudflare
age: 597533
etag: "c41e954c6cdd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc2efc9be8-FRA
content-length: 6266

GET
H2 200 form.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/ 4 KB
1 KB 61ms
60ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2db0b33f2f9afc9847a289113a6dd3e5cbb3934346ad6191c92a8b08b980f073

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:34:48 GMT
server: cloudflare
age: 236634
etag: "10a350f474b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbbadf39be8-FRA
content-length: 1134

GET
H2 200 main.js Show response
lp.canadianvisaexpert.com/lp/cve/register_sub0/ 4 KB
2 KB 77ms
76ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/main.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9fd0eaf3dbc5ee365e39fcb2d4b05bb06c38b31fc61bb2fa1ac0c4ff8cd5eeb0

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:17 GMT
server: cloudflare
age: 172019
etag: "8281f11032ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc2ef09be8-FRA
content-length: 1498

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 114ms
62ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-28213132-2

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9470cb65d2cbef439bbd3a81e07a336e5bdc814c4045a03476388645158e129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 88ms
36ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-28213132-20

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d970a2c2730733f959e591fd55cefdcc20c579d52e89812a7a6929572626e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1119492/ 58 KB
18 KB 78ms
27ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1119492/tfa.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 859f3ee260a094f56504ecc1ebd7bf7671932cbef931cd80ae095b2979c36a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: lcHFMqVZb66LrXW3Q7Cu69dxnPZZitZG
content-encoding: gzip
via: 1.1 varnish
date: Thu, 15 Dec 2022 12:40:39 GMT
x-amz-request-id: S4ZNR30FJDDA9HED
age: 163
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18118
x-amz-id-2: VhHtjkRYKJHoqybSVlIAHW8gh1DDqXi8YWLdc3YRYMlIVKQ7pAZkOFKfepiDzc1twuOVO9f/VvM=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Sun, 11 Dec 2022 11:37:25 GMT
server: AmazonS3
x-timer: S1671108039.118031,VS0,VE3
etag: "166c24c841bbd85eb397aa6d0e419fe4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 49
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 60ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 12:40:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3mI8w1D7OgNyrWiD6Fplk1iOO6p6WcXhwohfZOLQ9PVZLebaT7JsDLZUTyIiYH99sFAllNggH26O/0YEVfiSow==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 216ms
121ms Script
application/javascript 23.36.163.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAQ469BC77UBO7QI1IG0&lib=ttq
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 23c905852ac1ebdb36be3b816822ef33fec5694871688c8dc16059cde19c6da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 4cb26d37
date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=95
content-length: 1416
pragma: no-cache
server: nginx
x-tt-logid: 20221215124039AE831A199176491D9442
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.161.137
x-tt-trace-host: 010df6296fdbb6dbd3dbc52f3fcb2de0d780ca4e203213358fc6e6924e8bba5217234f6a151de496102b2355a3b324d9b025177ae7aa3fe3dffd14e2d42f36ad28e64576f16457e62990ac0d1e9fe2d9dc
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
14 KB 140ms
82ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 4K18RXATE8CH2H8E
age: 11521248
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jHbk68zF0oCrN99I6TpiQ8LNg0dDTKL0BkbZQKZkL1zB85BMiiIcpjSQWNebJHGDeWUqTCN88Lg=
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 779f3fbc8c8b9b5d-FRA
expires: Thu, 15 Dec 2022 16:40:39 GMT

GET
H2 200 MtV2OdpT3jE Show response
www.youtube.com/embed/ Frame 6976 69 KB
30 KB 123ms
72ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MtV2OdpT3jE

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20590d40f0654e171a9b7b994c0cd037c6b976d939996bd51f0a3510645e38c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.canadianvisaexpert.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 12:40:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 logo.svg
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 14 KB
4 KB 71ms
71ms Image
image/svg+xml 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/logo.svg
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 037c5c52ba311654a28eeab481388d5960bfb3a276cbda222817ef05650f959a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:04:03 GMT
server: cloudflare
age: 337385
etag: W/"eaa2f55848e8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 779f3fbc2f099be8-FRA

GET
H2 200 lang.svg
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 992 B
585 B 68ms
67ms Image
image/svg+xml 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/lang.svg
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a8e4ef1cc04ae62af3a3dd02dbd23af470f8868787bee2b679110554a42bf6c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:18 GMT
server: cloudflare
age: 3785
etag: W/"b93621132ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 779f3fbc3f1b9be8-FRA

GET
H2 200 main_BG_1920.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 78 KB
79 KB 46ms
46ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/main_BG_1920.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8ae9efb01a946a019b7e461fd9114aecf58d551616f05ef40c694618ecfc61bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:04:03 GMT
server: cloudflare
age: 595552
etag: "5f9315948e8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc3f169be8-FRA
content-length: 80257

GET
H2 200 bullet.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 2 KB
2 KB 68ms
68ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/bullet.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1c6d6dfec75940cb4650ff009def7e2aabe60e2cbb3fd3373490188a2d7020c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:04:03 GMT
server: cloudflare
age: 597521
etag: "97ffe45848e8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc3f189be8-FRA
content-length: 1759

GET
H2 200 journy_BG_1920.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 16 KB
16 KB 65ms
64ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/journy_BG_1920.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cdf19e8e6de965d0834319bd1401d7d6fd789aae1d43aaccbe85eb88787371c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:38 GMT
server: cloudflare
age: 250022
etag: "7e79f71c32ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbcd89f9be8-FRA
content-length: 16745

GET
H2 200 testimonial_BG_1920.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 253 KB
254 KB 48ms
48ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/testimonial_BG_1920.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75e4e7fe0ea60dd0d5e418c3badd026815b6aab27343207ac8301bc11b313b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:38 GMT
server: cloudflare
age: 10366
etag: "73b8301d32ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbd18ff9be8-FRA
content-length: 259423

GET
H2 200 J7aRnpd8CGxBHpUutLM.woff2
fonts.gstatic.com/s/amiri/v26/ 20 KB
20 KB 92ms
45ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amiri/v26/J7aRnpd8CGxBHpUutLM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Amiri:wght@400;700&family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a30ab007939335bbf745c994f81fa69e554b02a85b310fbd583530ad317ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:55:24 GMT
x-content-type-options: nosniff
age: 42315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20612
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:12:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 00:55:24 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 66ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Amiri:wght@400;700&family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 16:15:31 GMT
x-content-type-options: nosniff
age: 419108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:15:31 GMT

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Email/ 3 KB
2 KB 69ms
67ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Email/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 000fc254546bdd81fa0ea5c44756019c86a3a9f306c86eccaf2b279869488cb8

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 109863
etag: "7d61fb9347f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc3f279be8-FRA
content-length: 1589

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Fname/ 3 KB
2 KB 71ms
69ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Fname/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 036c9ff899b395c1a0c75f5d82a1c1862e24294e84bd1fbf923ebd405fa14236

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 3786
etag: "38c460af47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f359be8-FRA
content-length: 1447

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Birth_country/ 4 KB
2 KB 68ms
66ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Birth_country/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c6a1ccfd6ef11651d0367c31a1b093d191c819faf1eeee4fb2661d90bd40f35b

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 30504
etag: "959af69347f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f379be8-FRA
content-length: 1699

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Fullname/ 4 KB
2 KB 70ms
68ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Fullname/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b39af19a1289a35c0b417a67ef01457a56f47dcefbf9b40f6d469abd9756bf53

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 172287
etag: "d6f249447f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f3b9be8-FRA
content-length: 1892

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Lname/ 3 KB
2 KB 70ms
69ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Lname/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1ca99074b2c627af8a8f3898a0af0350057bb689548ac22287a3ec196d6103ad

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 08:42:06 GMT
server: cloudflare
age: 3786
etag: "8595ddf94f8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f3c9be8-FRA
content-length: 1484

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Phone/ 4 KB
2 KB 85ms
83ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Phone/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4e6ed29aeba00701feff52cb95f436f319fb2c697c64bec012e3028f4d43df11

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 3786
etag: "b77090af47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f3f9be8-FRA
content-length: 1626

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Phone_code/ 5 KB
2 KB 83ms
81ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Phone_code/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a47983b1600fee7928cfa987bac2ea0f4b081c2a206169ac737f4e31adae586c

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 57268
etag: "2d142b9447f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f429be8-FRA
content-length: 2036

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Citizenship/ 4 KB
2 KB 71ms
69ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Citizenship/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3065fcbe51160db801f21f459261824e1088797fefa850179d5bf7685b10bd45

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:13 GMT
server: cloudflare
age: 236633
etag: "1ac0784370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f469be8-FRA
content-length: 1676

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Education/ 3 KB
2 KB 100ms
99ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Education/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 51f3be588a66c930545638f3fbb240157eefae360ab2e2ea917df90da8dbae6e

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 37910
etag: "bd9a59af47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f489be8-FRA
content-length: 1713

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Marital_status_select/ 3 KB
2 KB 70ms
69ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Marital_status_select/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c4868da79975a22cdb5d5ae457b4bc54eb83fdeea9879bb2f6a9382c0128a137

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 3786
etag: "b6f37aaf47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f4a9be8-FRA
content-length: 1574

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Birthday/ 9 KB
3 KB 90ms
89ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Birthday/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0e2dcf31ba58341ce1a62f3f6113adbda39d0ad0b6a06fda49f093146bc9edae

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 597533
etag: "3f7152af47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f4d9be8-FRA
content-length: 3107

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Occupation/ 4 KB
2 KB 126ms
124ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Occupation/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eac1a12f6aa18f23ee481ff7e3eb945da1ad5afd12f61b6e4307a95acc759bc6

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:14 GMT
server: cloudflare
age: 3786
etag: "a5cd74470b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f519be8-FRA
content-length: 1630

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_select/ 4 KB
2 KB 85ms
82ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_select/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6d4cabc187db1894bd3cb7d034bec3a425c9b99264095b6cf7f976a1122c06b6

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:14 GMT
server: cloudflare
age: 3786
etag: "ec20164470b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f5d9be8-FRA
content-length: 1719

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Marital_status_radio/ 2 KB
880 B 85ms
82ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Marital_status_radio/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 341d7969ddaa2775ea91025611709a7edbc822ae591e9b1fd6ffb877476658cc

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 109863
etag: "5b97159447f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f629be8-FRA
content-length: 802

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_radio/ 4 KB
2 KB 61ms
58ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_radio/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d68ec62164ac498171ae1abd91d29ab61a814f23688ee5a09edbfa03cf0652f1

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 3786
etag: "73e386af47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f669be8-FRA
content-length: 1918

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Ispeak/ 5 KB
2 KB 87ms
84ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Ispeak/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 46bcf7b9c798d3527b53e2a404ee63a5881d81b16b009ec37755a2c1d79578fe

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 3786
etag: "4934139447f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f689be8-FRA
content-length: 1858

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Qualified/ 4 KB
2 KB 86ms
84ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Qualified/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2baa29c97f7185a39cf5b26ee18657aec892667d3f77372b5d09e6c98f977ce7

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:40 GMT
server: cloudflare
age: 3786
etag: "b2d5c5370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f6b9be8-FRA
content-length: 1621

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/QualifiedCheckBoxImg/ 5 KB
2 KB 304ms
302ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/QualifiedCheckBoxImg/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: df6c20d4e0b90c91c765bab675dbc61862d7767271fe8cc797d8b440b2233db1

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Aug 2022 13:01:14 GMT
server: cloudflare
etag: "ccb5324470b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f6d9be8-FRA
content-length: 1923

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/HighSchoolCheckBox/ 1 KB
843 B 85ms
83ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/HighSchoolCheckBox/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 14db6f1f97f4c36f73b3d19b44ca44041e36a03d1f8ddd5600e2074a967618fc

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:39 GMT
server: cloudflare
age: 597533
etag: "55ec5270b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f6e9be8-FRA
content-length: 765

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Over18CheckBox/ 2 KB
1 KB 87ms
85ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Over18CheckBox/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8b11f79c21cb51c1b1e6021abdb30aa38ce4b75e48e3d7975cf7e23443a9845a

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:14 GMT
server: cloudflare
age: 109863
etag: "2294c4470b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f7c9be8-FRA
content-length: 1023

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Checkbox_job/ 3 KB
1 KB 90ms
88ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Checkbox_job/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5b55a390c614539338439faef548e8c478d26e43b7bb03ada5c3ac1c56a3bf49

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:13 GMT
server: cloudflare
age: 110774
etag: "84f9734370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f7e9be8-FRA
content-length: 1396

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Level_Of_English/ 3 KB
1 KB 86ms
85ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Level_Of_English/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 06a017988d11d7f105d974a83669d223ddbdf53ce1d732eb635f9188060be083

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:14 GMT
server: cloudflare
age: 533223
etag: "761fd84370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f809be8-FRA
content-length: 1315

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/GDPR/ 6 KB
3 KB 90ms
88ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/GDPR/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 41d893a22335d6274d25eac82f1c8d3db47fb9314686bd91a1123c9330b2cdd3

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 3786
etag: "906de9447f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f819be8-FRA
content-length: 2755

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/GDPR_New/ 8 KB
4 KB 87ms
86ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/GDPR_New/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6180a3a877c83656cfec024cc9390b31e57e90b902f3dcfadd51e0061b26752

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 08:37:08 GMT
server: cloudflare
age: 3786
etag: "ec4982484f8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f829be8-FRA
content-length: 3824

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/GDPR_PrivacyPolicy/ 6 KB
2 KB 61ms
59ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/GDPR_PrivacyPolicy/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 51a8c3ef84d1fb5d7c84f2702e5edf4108f32bb35dbcee496abc5ff6bedb89af

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:39 GMT
server: cloudflare
age: 597533
etag: "93c3d15270b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f839be8-FRA
content-length: 2239

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Utmparams/ 3 KB
2 KB 60ms
59ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Utmparams/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e6ae4684d10bc96208113225edd42e2c63f059095dbe91963d32f2a7a256a6ee

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Sep 2022 14:25:15 GMT
server: cloudflare
age: 3786
etag: "ee3d73f7c5cdd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f859be8-FRA
content-length: 1604

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Gender/ 2 KB
1 KB 86ms
84ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Gender/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c619eb1da12711acf435d1c27407fa627c627ee255ad9e36d28b03ff60288c5b

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:39 GMT
server: cloudflare
age: 109863
etag: "a54fdb5270b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f869be8-FRA
content-length: 989

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/GenderRadio/ 3 KB
1 KB 87ms
84ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/GenderRadio/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05cde092b68a4f8dbe6669d5b28e9b1189d178283bd876e6f7f1e20d5ad5dd7b

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:39 GMT
server: cloudflare
age: 397298
etag: "d478e25270b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f889be8-FRA
content-length: 1054

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Insurance/ 2 KB
1 KB 86ms
83ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Insurance/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18d32c64ef0633ab71dc5b67f2b2bd92311a74a39303fdbda18db948a8c1d43d

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:13 GMT
server: cloudflare
age: 233045
etag: "e779c74370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f899be8-FRA
content-length: 1012

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_toggle/ 2 KB
1 KB 59ms
56ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_toggle/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e9981b4b25ad0e281552c0d99263f8ed0b5e53814659f09732b57fe68790ec95

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:39 GMT
server: cloudflare
age: 109863
etag: "7aa5465370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc4f8b9be8-FRA
content-length: 1012

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Text_Area/ 2 KB
1 KB 83ms
80ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Text_Area/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 727349067da4d4e54a48e7827b05ac0051c1bdc9d7edae8aa26c1de61a9567d6

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:40 GMT
server: cloudflare
age: 3786
etag: "bec26c5370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc5f949be8-FRA
content-length: 1036

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/ContactLangauge/ 4 KB
2 KB 62ms
60ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/ContactLangauge/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: df0015423ad7ba44201ee193f29055034958b12423f60928aa0c65e13a1e4d13

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:13 GMT
server: cloudflare
age: 597533
etag: "65237b4370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc5f969be8-FRA
content-length: 2079

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/NewsLetter/ 2 KB
1 KB 120ms
118ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/NewsLetter/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c1fbce09d771064111524ad6d9d4eacafe00c18e3c6f989ea267446d0cc96b6f

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:06:20 GMT
server: cloudflare
age: 3786
etag: "28c11c9447f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc5f979be8-FRA
content-length: 1405

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/NewsLetterImg/ 3 KB
2 KB 86ms
84ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/NewsLetterImg/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60cc0f982c51d9311ee68cc3e9ade8c939b1c57a881420cba83c40beb0190781

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:39 GMT
server: cloudflare
age: 3786
etag: "d6632c5370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc5f9d9be8-FRA
content-length: 1459

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/Ab_Test/ 6 KB
2 KB 88ms
86ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Ab_Test/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 16a452efd6acfe529ea744eb1c37fec8303b767aa2aca494f7db294ece9ccf50

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:13 GMT
server: cloudflare
age: 597533
etag: "3a55634370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc5fa09be8-FRA
content-length: 2331

GET
H2 200 index.js Show response
lp.canadianvisaexpert.com/lp/Shared/FormElements/AverageMonthlyIncome/ 4 KB
1 KB 121ms
120ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/AverageMonthlyIncome/index.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e02a7508966d3e3d2f68180c92c281611a62ba286bd88de4271ac312ee469b4c

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/form.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 13:01:13 GMT
server: cloudflare
age: 222810
etag: "481c684370b1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbc5fa19be8-FRA
content-length: 1364

GET
H2 200 arrow_right.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 1 KB
1 KB 72ms
71ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/arrow_right.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12d73fe57b9cf2a39e738ba2582f04b05262fcb284a425e5f5388c6882ce650e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:18 GMT
server: cloudflare
age: 217601
etag: "7efb1032ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbd190f9be8-FRA
content-length: 1288

GET
H2 200 Yahoo-Logo.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 3 KB
3 KB 59ms
59ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/Yahoo-Logo.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5612397564017cc052b36ea883775fb2848fb5299e0dddd8fe2a5f95c254dfe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:04:03 GMT
server: cloudflare
age: 325211
etag: "c9152a5948e8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbd19189be8-FRA
content-length: 3369

GET
H2 200 Bloomberg-Logo.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 4 KB
5 KB 60ms
59ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/Bloomberg-Logo.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f86a85df65480ad062604200232e0963c10b352a04b2c5b9c930440a6da2b45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:05:28 GMT
server: cloudflare
age: 472876
etag: "4b9a548b48e8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbd191a9be8-FRA
content-length: 4579

GET
H2 200 reuters-logo.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 10 KB
11 KB 38ms
38ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/reuters-logo.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: be98a11b509ca367de82d54a0f7b9014bb75cf5c27efedcc9cf326d8d50ecedb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:04:03 GMT
server: cloudflare
age: 597520
etag: "e51fb5948e8d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbd496b9be8-FRA
content-length: 10676

GET
H2 200 1435411566691683 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 159ms
158ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1435411566691683?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

049bd6cedba6873e5f816f9beb8983eb3d8b28329a2f78ab72cac4503d54cf20

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 12:40:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: b7aOZRrI9jnpFXbwUqKQxUUXwkpGAL1vsxG9KlgGC74iNb2MQJR0erWrYVMLwNXJ6Bbr0JqJWv25ZaHi3Trzjw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 reviewsData.js Show response
lp.canadianvisaexpert.com/lp/cve/register_sub0/ 2 KB
1 KB 49ms
49ms Script
application/x-javascript 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/reviewsData.js
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 10ecb806c83b725ea6e4b51e9dc837133a8cfba9322d70231544fdcb17664e31

Request headers

Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/main.js
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:37 GMT
server: cloudflare
age: 172019
etag: "651dd61c32ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbcb8429be8-FRA
content-length: 1036

GET
H2 200 json Show response
trc.taboola.com/1119492/trc/3/ 2 KB
2 KB 50ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1119492/trc/3/json?tim=1671108039156&data=%7B%22id%22%3A227%2C%22ii%22%3A%22%2Flp%2Fcve%2Fregister_sub0%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1671108039150%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmemoglobal-cve-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1671108039155%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A32%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1119492/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b84fd67ac16a132c23066d11386e7d492080e8a4f2201dc0e0ba13870d2e8ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220035-HHN
server: nginx
x-timer: S1671108039.175406,VS0,VE20
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/a0703e0f/ Frame 6976 360 KB
49 KB 64ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a0703e0f/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:52:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49901
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 15:52:07 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/a0703e0f/www-embed-player.vflset/ Frame 6976 316 KB
98 KB 61ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a0703e0f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d33f7418da79ae999a053a687bcc5ef28ccdb9caee8a3f0db8618bdd7f110e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:52:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99941
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 15:52:17 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/ Frame 6976 2 MB
586 KB 91ms
51ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d865b411dc951776f97becd9238d074c3337c5daa22595fa8456b77643fa841f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:52:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600110
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 15:52:17 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/a0703e0f/fetch-polyfill.vflset/ Frame 6976 9 KB
3 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a0703e0f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:52:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 15:52:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6976 15 KB
15 KB 62ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 148752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6976 15 KB
15 KB 63ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 150051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Dec 2023 18:59:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 87ms
45ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P6TNM23XEC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-28213132-20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d4b1048a6c04bd2f69a0f8cc6996dced6e36041ee479deafc49e018bd22d988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 76ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-28213132-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-28213132-20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98bdb27d6f38a0ae5fefdc253155e33f52a1396594dcb6d99963d7201949b634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-28213132-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 11:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5093
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 15 Dec 2022 13:15:46 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/3f04bd95412840f2a44fd5304454e6cd/ 43 B
422 B 446ms
110ms Image
image/gif 52.72.186.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/3f04bd95412840f2a44fd5304454e6cd/pixel?j=1&u=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den&tag=ViewContent&ts=1671108039231

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.186.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-186-224.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 12:40:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,4908b970bcfe8b50d3b211bfc2bb804e,10.0.0.120,45716,217.114.218.20,,86642409854,1,1671108039.624,0.001,,.,0,0,0.000,0.000,-,0,0,197,162,81,10,34729,,,,,,-,
Content-Type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 86ms
53ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8JM9Q2BN4Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-28213132-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f6f86a5ae36cebdc41564bddb7c602d77bf5d469acb01d8b3195dd25b717a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76892
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H2 200 main.MWI5ZjkwYWMwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 248 KB
68 KB 23ms
22ms Script
application/javascript 23.36.163.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAQ469BC77UBO7QI1IG0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 81d9b8c783c89f06c8a538482842a9e68d79a105014b824522bc6de6b536ab59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 4cb26e7b
date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221213140530753D4BA654AF5C2624AA
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e0f2e2e33d80a1231f8ea4c9f2e0a10a2d20138f8c911372bf7face01bf363d51a8e367fa57f27eb9a256603932f5fc93e9d871aa8f1f784dfe010f483d191b44b7189c827a9aeb746cc10ef251a848b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 69151

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
26ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1536991796&t=pageview&_s=1&dl=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den&ul=en-us&de=UTF-8&dt=Register&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=80814780&gjid=1439144980&cid=1205675440.1671108039&tid=UA-28213132-20&_gid=102607361.1671108039&_r=1&gtm=2oubu0&z=1980745233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.canadianvisaexpert.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.canadianvisaexpert.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 60ms
27ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1536991796&t=pageview&_s=1&dl=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den&ul=en-us&de=UTF-8&dt=Register&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1996244563&gjid=1798033842&cid=1205675440.1671108039&tid=UA-28213132-2&_gid=102607361.1671108039&_r=1&gtm=2oubu0&z=1646537438

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.canadianvisaexpert.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.canadianvisaexpert.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_a213e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 24ms
22ms Script
application/javascript 23.36.163.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_a213e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 4cb26f51
date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202212131405225ED1CA70CC29A12A5B40
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 013bd3a6fda2045faf954495bfcba38e9e81cd89150bc87ccc6445fbff31f2cb070e9c4ee3699418952921aa35376150f79b3fc7edba8005edc54b06684644e9b5620db74024c14c51c9d78346671f2542
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 30751

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
692 B 146ms
146ms Ping
application/octet-stream 23.36.163.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.canadianvisaexpert.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1773711.4cb26fbb
date: Thu, 15 Dec 2022 12:40:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 117,23.36.161.137
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=20, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022121512403934EFE42A7FC9D719DE19
x-cache-remote: TCP_MISS from a23-217-116-151.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.217.116.151
x-tt-trace-host: 010df6296fdbb6dbd3dbc52f3fcb2de0d744fe37cf0d9b1aa803615d364fdfa87079ad064e01f53ca86390ff89ce0f67e37e149e881e662d4537a18b12f8b6ba2cd72071bc97c35cb0302e2a7922b4a59a20a595c346ef962e838b27a639debba0
expires: Thu, 15 Dec 2022 12:40:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28213132-20&cid=1205675440.1671108039&jid=80814780&gjid=1439144980&_gid=102607361.1671108039&_u=YEBAAUAAAAAAACAAI~&z=408423058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.canadianvisaexpert.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.canadianvisaexpert.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6976
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

71ms
27ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a31d6ab9a40511aa7773b55fe2617a8f4a09c3b613d462e55516704bd63fb7af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6976 29 B
588 B 67ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:28:52 GMT
x-content-type-options: nosniff
age: 707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Dec 2022 12:43:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 59ms
19ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1435411566691683&ev=PageView&dl=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den&rl=&if=false&ts=1671108039477&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671108039476.1812856254&it=1671108039142&coo=false&rqm=GET

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 12:40:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 72ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P6TNM23XEC&gtm=2oebu0&_p=1536991796&cid=1205675440.1671108039&ul=en-us&sr=1600x1200&_s=1&sid=1671108039&sct=1&seg=0&dl=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den&dt=Register&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P6TNM23XEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.canadianvisaexpert.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
354 B 50ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JM9Q2BN4Z&gtm=2oebu0&_p=1536991796&cid=1205675440.1671108039&ul=en-us&sr=1600x1200&_s=1&sid=1671108039&sct=1&seg=0&dl=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den&dt=Register&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JM9Q2BN4Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.canadianvisaexpert.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 72ms
26ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 15 Dec 2022 12:40:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6976 65 KB
30 KB 85ms
46ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6ad9bec19e46e8ab82093970d2537a97180a79dd8f2f68710b02c256dd007a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30904
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/ Frame 6976 119 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ecd818f7d27780c9964651da2ea3fa869944431f55f1c461cbf21981ec11a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37354
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 15:52:18 GMT

GET
H2 200 98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js Show response
www.google.com/js/th/ Frame 6976 36 KB
37 KB 68ms
18ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:42:00 GMT
x-content-type-options: nosniff
age: 57519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36798
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 20:42:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/ Frame 6976 26 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47c1b9c111fa6c1dca27a09e688de30283a46ec90156574611b4f8a79e0697d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8306
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 15:52:18 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 51ms
45ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28213132-20&cid=1205675440.1671108039&jid=80814780&_u=YEBAAUAAAAAAACAAI~&z=1149537554

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 100ms
46ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28213132-20&cid=1205675440.1671108039&jid=80814780&_u=YEBAAUAAAAAAACAAI~&z=1149537554

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GetCountries Show response
lp-api.lpactivityexperts.com/api/LpPublic/ 17 KB
18 KB 255ms
106ms Fetch
application/json 163.171.129.134
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://lp-api.lpactivityexperts.com/api/LpPublic/GetCountries
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/Shared/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.129.134 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 / ASP.NET
Resource Hash: 306f7065affa53e9c3296c55df077b5b30c3d2910a2259cb8d37548918a3701c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
via: 1.1 kf29:3 (W), 1.1 PS-LHR-01q9k95:14 (W)
server: PWS/8.3.1.0.8
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ws-request-id: 639b15c7_PSygldLON2ew56_5225-12140
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-px: ms PS-LHR-01q9k95LHR,ms kf29FRA(origin)
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 17767
expires: -1

GET
H2 200 GetEducationLevels Show response
lp-api.lpactivityexperts.com/api/LpPublic/ 846 B
1 KB 250ms
103ms Fetch
application/json 163.171.129.134
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://lp-api.lpactivityexperts.com/api/LpPublic/GetEducationLevels
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/Shared/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.129.134 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 / ASP.NET
Resource Hash: b3b8b9386b3ed69049bd0df605f9e155bf41ecda816d74956f48aa10b0886532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
via: 1.1 kf29:7 (W), 1.1 PS-LHR-01q9k95:6 (W)
server: PWS/8.3.1.0.8
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ws-request-id: 639b15c7_PSygldLON2ew56_5225-12141
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-px: ms PS-LHR-01q9k95LHR,ms kf29FRA(origin)
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 846
expires: -1

GET
H2 200 GetOccuaptionsOptions Show response
lp-api.lpactivityexperts.com/api/LpPublic/ 54 KB
55 KB 254ms
108ms Fetch
application/json 163.171.129.134
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://lp-api.lpactivityexperts.com/api/LpPublic/GetOccuaptionsOptions
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/Shared/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.129.134 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 / ASP.NET
Resource Hash: 51099636a6e0eceef015a1b2b1fddd8adcad1d715aad46d595b221cb63ff321a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
via: 1.1 kf29:8 (W), 1.1 PS-LHR-01q9k95:17 (W)
server: PWS/8.3.1.0.8
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ws-request-id: 639b15c7_PSygldLON2ew56_5225-12142
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-px: ms PS-LHR-01q9k95LHR,ms kf29FRA(origin)
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 55391
expires: -1

GET
H2 200 style.css
lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_radio/ 258 B
360 B 44ms
43ms Stylesheet
text/css 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/Passport_radio/style.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fd73327db582e280dab83a29ede6769447bf130b303fdb6040cfe6b6b3dc1375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 68118
etag: "608084af47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbf9e709be8-FRA
content-length: 246

GET
H2 200 style.css
lp.canadianvisaexpert.com/lp/Shared/FormElements/NewsLetter/ 144 B
301 B 61ms
60ms Stylesheet
text/css 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.canadianvisaexpert.com/lp/Shared/FormElements/NewsLetter/style.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee4bfed669752e41099e95df415ea2d69d2be330c12f0440f035d5faec88fe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 10:07:06 GMT
server: cloudflare
age: 57268
etag: "141d82af47f7d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fbf9e739be8-FRA
content-length: 218

GET
DATA 200
OK truncated
/ Frame 6976 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu8g8FLuRTrms6prD48ikyJK8B_0jUwrRCxabxMZ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6976 1 KB
2 KB 83ms
36ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8g8FLuRTrms6prD48ikyJK8B_0jUwrRCxabxMZ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

452c9ce5a9f3a9e176fe61cc043f0b28684319f7711212c2b669f04b21d9d262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: fife
etag: "v3b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 06:48:45 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/MtV2OdpT3jE/ Frame 6976 77 KB
77 KB 77ms
32ms Image
image/jpeg 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MtV2OdpT3jE/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

407e2510b6f885997b435461598153748f7536f7c76e0468a0ceb5cccd548b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78556
x-xss-protection: 0
server: sffe
etag: "1661950138"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Dec 2022 14:40:39 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6976 4 KB
3 KB 77ms
31ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 12:40:39 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 6976 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?XiOieA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/MtV2OdpT3jE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6976 90 B
134 B 36ms
36ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02032e3b69ccb80cf288557d1b6b60acdab74b30dab1a8f83db9334045f17c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
27ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 15 Dec 2022 12:40:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 users Show response
nodejs.shopping-basket.biz/lp/ 12 B
282 B 270ms
204ms Fetch
application/json 163.171.129.134
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://nodejs.shopping-basket.biz/lp/users?id=reasons
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.129.134 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 / Express
Resource Hash: 34496a54f8bee85cc9cae4536b2ca2db48b01e402abf9cafac5b587cf607c36b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:40 GMT
via: 1.1 PSygldLON2ew56:18 (W)
server: PWS/8.3.1.0.8
x-powered-by: Express
etag: W/"c-0/hyte/tM1s1v3yLg+/FZPbM+Fw"
x-ws-request-id: 639b15c7_PSygldLON2ew56_5225-12147
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-px: ms PSygldLON2ew56LHR(origin)
content-length: 12

GET
H2 200 AFdZucp3kFpsyzDrSpjvvZPJGjhr99sUaKsMNKCtL5KH=s120-c-c0x00000000-cc-rp-mo-br100
lh3.googleusercontent.com/a-/ 18 KB
18 KB 83ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AFdZucp3kFpsyzDrSpjvvZPJGjhr99sUaKsMNKCtL5KH=s120-c-c0x00000000-cc-rp-mo-br100

Requested by

Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3d923799e8939544719d59dbc59b982e90c4c5f9e73ec09b90da9c8f938207d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:29:00 GMT
x-content-type-options: nosniff
age: 7899
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18326
x-xss-protection: 0
server: fife
etag: "v7"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 06:04:05 GMT

GET
H2 200 star.svg
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 268 B
288 B 65ms
64ms Image
image/svg+xml 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/star.svg
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ae3bde4dad0f78852daee1ca8ea5b39c03ad6dd9340d2c06ec48ae5fad42c54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:18 GMT
server: cloudflare
age: 105785
etag: W/"3c3b151132ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 779f3fc0b8ad9be8-FRA

GET
H2 200 posted_on_google.png
lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/ 6 KB
6 KB 57ms
56ms Image
image/png 2606:4700:10::ac43:698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/posted_on_google.png
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6afaa64b6f2c5c768a6296cdebe7583d90b784906cfeeee1b602585aa0c87ca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/Style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:40:39 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 14:00:18 GMT
server: cloudflare
age: 732
etag: "6312e1132ed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 779f3fc0b8b19be8-FRA
content-length: 5979

GET 727SHV
c-r.cc/ 0
0

GET
H2 200 getDetails Show response
lp-api.lpactivityexperts.com/api/LpPublic/ 986 B
1 KB 117ms
117ms Fetch
application/json 163.171.129.134
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://lp-api.lpactivityexperts.com/api/LpPublic/getDetails?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/Shared/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.129.134 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 / ASP.NET
Resource Hash: c56be7d3ef60ad32d87fa2ee35a61ef5bc011f0c5e40d5e2d156a45ee5b96644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
via: 1.1 kf29:1 (W), 1.1 PSygldLON2ew56:16 (W)
server: PWS/8.3.1.0.8
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ws-request-id: 639b15c7_PSygldLON2ew56_5225-12143
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-px: ms PSygldLON2ew56LHR,ms kf29FRA(origin)
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 986
expires: -1

GET
H3 200 J7acnpd8CGxBHp2VkaY_zp4.woff2
fonts.gstatic.com/s/amiri/v26/ 19 KB
19 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amiri/v26/J7acnpd8CGxBHp2VkaY_zp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Amiri:wght@400;700&family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976862397ada7e28a1fb279f3d831115c95d58cd9df2b7ee46918f8133a0abfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.canadianvisaexpert.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:58:45 GMT
x-content-type-options: nosniff
age: 42114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19884
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:10:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 00:58:45 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame 6976 52 KB
15 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 11:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 16 Dec 2022 11:56:01 GMT

GET
H2 200 GetIsoByIp Show response
lp-api.lpactivityexperts.com/api/LpPublic/ 40 B
478 B 141ms
141ms Fetch
application/json 163.171.129.134
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://lp-api.lpactivityexperts.com/api/LpPublic/GetIsoByIp
Requested by: Host: lp.canadianvisaexpert.com
URL: https://lp.canadianvisaexpert.com/lp/Shared/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.129.134 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 / ASP.NET
Resource Hash: d1157894031d79ef4a2dbe2334b770c7f70839adab84d678a3f9c6ff019eec98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 12:40:39 GMT
via: 1.1 kf29:7 (W), 1.1 PS-LHR-01q9k95:13 (W)
server: PWS/8.3.1.0.8
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ws-request-id: 639b15c7_PSygldLON2ew56_5225-12148
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-px: ms PS-LHR-01q9k95LHR,ms kf29FRA(origin)
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 40
expires: -1

GET
H2 204 unip Show response
trc-events.taboola.com/1119492/log/3/ 0
254 B 106ms
26ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1119492/log/3/unip?en=pre_d_eng_tb&tos=1567&scd=32&ssd=1&est=1671108039153&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1671108040720&vi=1671108039150&ri=c2c4ebd8f8f68ca3b7f25c7970c9880c&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1119492/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://lp.canadianvisaexpert.com
pragma: no-cache
date: Thu, 15 Dec 2022 12:40:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 44ms
20ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1435411566691683&ev=Microdata&dl=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den&rl=&if=false&ts=1671108040981&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Canadian%20Visa%20Experts%20%7C%20Register%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671108039476.1812856254&it=1671108039142&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 12:40:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6976 28 B
54 B 37ms
36ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0703e0f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1671108041873
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MtV2OdpT3jE
X-YouTube-Client-Version: 1.20221213.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtpUzZNUW1qel9rMCjHq-ycBg%3D%3D
X-YouTube-Ad-Signals: dt=1671108039349&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1140%2C650&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 15 Dec 2022 12:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 15 Dec 2022 12:40:41 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1119492/log/3/ 0
253 B 27ms
26ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1119492/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=32&ssd=1&est=1671108039153&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1671108043721&vi=1671108039150&ri=c2c4ebd8f8f68ca3b7f25c7970c9880c&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Flp.canadianvisaexpert.com%2Flp%2Fcve%2Fregister_sub0%2F%3Fgid%3D8fe748f4-4d8a-4f9f-995a-40e771a535b0%26utm_lang%3Den
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1119492/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.canadianvisaexpert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://lp.canadianvisaexpert.com
pragma: no-cache
date: Thu, 15 Dec 2022 12:40:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c-r.cc
URL: https://c-r.cc/727SHV?siteid=4&online=false&utm_af=

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mautic.pro-immigration.org/	1970-01-20 16:57:24	Name: mautic_device_id Value: p5fmnctge6m1ytlybm5ei2f
mautic.pro-immigration.org/	1969-12-31 23:59:59	Name: mtc_id Value: 2264216
mautic.pro-immigration.org/	1969-12-31 23:59:59	Name: mtc_sid Value: p5fmnctge6m1ytlybm5ei2f
mautic.pro-immigration.org/	1970-01-20 08:11:49	Name: mautic_referer_id Value: 1283705
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WbPDuiDS51A
.youtube.com/	1970-01-20 12:31:00	Name: VISITOR_INFO1_LIVE Value: iS6MQmjz_k0
.tiktok.com/	1970-01-20 17:33:24	Name: _ttp Value: 2Ix0gjrh38Rde6FuiLi46QDtR5u
.canadianvisaexpert.com/	1970-01-20 08:13:14	Name: _gid Value: GA1.2.102607361.1671108039
.canadianvisaexpert.com/	1970-01-20 08:11:48	Name: _gat_gtag_UA_28213132_20 Value: 1
.canadianvisaexpert.com/	1970-01-20 08:11:48	Name: _gat_gtag_UA_28213132_2 Value: 1
.canadianvisaexpert.com/	1970-01-20 17:33:24	Name: _tt_enable_cookie Value: 1
.canadianvisaexpert.com/	1970-01-20 17:33:24	Name: _ttp Value: HCgn2eXQ_XGm5OKtfq3u0PF5ocs
.canadianvisaexpert.com/	1970-01-20 10:21:24	Name: _fbp Value: fb.1.1671108039476.1812856254
.canadianvisaexpert.com/	1970-01-20 17:47:48	Name: _ga_P6TNM23XEC Value: GS1.1.1671108039.1.0.1671108039.0.0.0
.canadianvisaexpert.com/	1970-01-20 17:47:48	Name: _ga Value: GA1.1.1205675440.1671108039
.canadianvisaexpert.com/	1970-01-20 17:47:48	Name: _ga_8JM9Q2BN4Z Value: GS1.1.1671108039.1.0.1671108039.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://lp.canadianvisaexpert.com/lp/cve/register_sub0/?gid=8fe748f4-4d8a-4f9f-995a-40e771a535b0&utm_lang=en Message: Access to fetch at 'https://c-r.cc/727SHV?siteid=4&online=false&utm_af=' from origin 'https://lp.canadianvisaexpert.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://c-r.cc/727SHV?siteid=4&online=false&utm_af= Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
analytics.tiktok.com
c-r.cc
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
lh3.googleusercontent.com
lp-api.lpactivityexperts.com
lp.canadianvisaexpert.com
mautic.pro-immigration.org
nodejs.shopping-basket.biz
payments.canadianvisaexpert.com
q.quora.com
region1.google-analytics.com
static.doubleclick.net
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
c-r.cc
141.226.228.48
151.101.129.44
162.159.152.17
163.171.129.134
2001:4860:4802:32::36
23.36.163.137
2606:4700:10::6816:39fc
2606:4700:10::ac43:698
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2016
2a00:1450:4001:812::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200a
2a00:1450:400c:c1b::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.72.186.224
000fc254546bdd81fa0ea5c44756019c86a3a9f306c86eccaf2b279869488cb8
02032e3b69ccb80cf288557d1b6b60acdab74b30dab1a8f83db9334045f17c12
036c9ff899b395c1a0c75f5d82a1c1862e24294e84bd1fbf923ebd405fa14236
037c5c52ba311654a28eeab481388d5960bfb3a276cbda222817ef05650f959a
049bd6cedba6873e5f816f9beb8983eb3d8b28329a2f78ab72cac4503d54cf20
05cde092b68a4f8dbe6669d5b28e9b1189d178283bd876e6f7f1e20d5ad5dd7b
06a017988d11d7f105d974a83669d223ddbdf53ce1d732eb635f9188060be083
0e2dcf31ba58341ce1a62f3f6113adbda39d0ad0b6a06fda49f093146bc9edae
10ecb806c83b725ea6e4b51e9dc837133a8cfba9322d70231544fdcb17664e31
11abc8b715ea5cdaf3fa5f61b70cb7307628a320e5f57d051e4e50df10aec3fe
12d73fe57b9cf2a39e738ba2582f04b05262fcb284a425e5f5388c6882ce650e
14db6f1f97f4c36f73b3d19b44ca44041e36a03d1f8ddd5600e2074a967618fc
16a452efd6acfe529ea744eb1c37fec8303b767aa2aca494f7db294ece9ccf50
18d32c64ef0633ab71dc5b67f2b2bd92311a74a39303fdbda18db948a8c1d43d
1c6d6dfec75940cb4650ff009def7e2aabe60e2cbb3fd3373490188a2d7020c9
1ca99074b2c627af8a8f3898a0af0350057bb689548ac22287a3ec196d6103ad
1f6f86a5ae36cebdc41564bddb7c602d77bf5d469acb01d8b3195dd25b717a1a
20590d40f0654e171a9b7b994c0cd037c6b976d939996bd51f0a3510645e38c0
23c905852ac1ebdb36be3b816822ef33fec5694871688c8dc16059cde19c6da9
2baa29c97f7185a39cf5b26ee18657aec892667d3f77372b5d09e6c98f977ce7
2d4b1048a6c04bd2f69a0f8cc6996dced6e36041ee479deafc49e018bd22d988
2db0b33f2f9afc9847a289113a6dd3e5cbb3934346ad6191c92a8b08b980f073
2f86a85df65480ad062604200232e0963c10b352a04b2c5b9c930440a6da2b45
3065fcbe51160db801f21f459261824e1088797fefa850179d5bf7685b10bd45
306f7065affa53e9c3296c55df077b5b30c3d2910a2259cb8d37548918a3701c
30e13cbaf6f40327f6b6bf1e1d8ef790a4bb19c7dce37b3ea787afee91040eef
341d7969ddaa2775ea91025611709a7edbc822ae591e9b1fd6ffb877476658cc
34496a54f8bee85cc9cae4536b2ca2db48b01e402abf9cafac5b587cf607c36b
3ae3bde4dad0f78852daee1ca8ea5b39c03ad6dd9340d2c06ec48ae5fad42c54
3d923799e8939544719d59dbc59b982e90c4c5f9e73ec09b90da9c8f938207d8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
407e2510b6f885997b435461598153748f7536f7c76e0468a0ceb5cccd548b88
41d893a22335d6274d25eac82f1c8d3db47fb9314686bd91a1123c9330b2cdd3
452c9ce5a9f3a9e176fe61cc043f0b28684319f7711212c2b669f04b21d9d262
46bcf7b9c798d3527b53e2a404ee63a5881d81b16b009ec37755a2c1d79578fe
47c1b9c111fa6c1dca27a09e688de30283a46ec90156574611b4f8a79e0697d0
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4e6ed29aeba00701feff52cb95f436f319fb2c697c64bec012e3028f4d43df11
51099636a6e0eceef015a1b2b1fddd8adcad1d715aad46d595b221cb63ff321a
51a8c3ef84d1fb5d7c84f2702e5edf4108f32bb35dbcee496abc5ff6bedb89af
51f3be588a66c930545638f3fbb240157eefae360ab2e2ea917df90da8dbae6e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5612397564017cc052b36ea883775fb2848fb5299e0dddd8fe2a5f95c254dfe5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b55a390c614539338439faef548e8c478d26e43b7bb03ada5c3ac1c56a3bf49
5ecd818f7d27780c9964651da2ea3fa869944431f55f1c461cbf21981ec11a63
60cc0f982c51d9311ee68cc3e9ade8c939b1c57a881420cba83c40beb0190781
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
698621e2cf4d18f838442512fda1eb1c02f775cbd2c40f5fdd16f075ad1cc11b
6afaa64b6f2c5c768a6296cdebe7583d90b784906cfeeee1b602585aa0c87ca9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4cabc187db1894bd3cb7d034bec3a425c9b99264095b6cf7f976a1122c06b6
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
727349067da4d4e54a48e7827b05ac0051c1bdc9d7edae8aa26c1de61a9567d6
75e4e7fe0ea60dd0d5e418c3badd026815b6aab27343207ac8301bc11b313b15
7d33f7418da79ae999a053a687bcc5ef28ccdb9caee8a3f0db8618bdd7f110e9
81d9b8c783c89f06c8a538482842a9e68d79a105014b824522bc6de6b536ab59
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859f3ee260a094f56504ecc1ebd7bf7671932cbef931cd80ae095b2979c36a20
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ae9efb01a946a019b7e461fd9114aecf58d551616f05ef40c694618ecfc61bb
8b11f79c21cb51c1b1e6021abdb30aa38ce4b75e48e3d7975cf7e23443a9845a
976862397ada7e28a1fb279f3d831115c95d58cd9df2b7ee46918f8133a0abfb
98bdb27d6f38a0ae5fefdc253155e33f52a1396594dcb6d99963d7201949b634
9b84fd67ac16a132c23066d11386e7d492080e8a4f2201dc0e0ba13870d2e8ca
9fd0eaf3dbc5ee365e39fcb2d4b05bb06c38b31fc61bb2fa1ac0c4ff8cd5eeb0
a1001dce5c06c045a1c0f2156150e7cbb3b83b77215c37eb5cb1863ea26d03eb
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a31d6ab9a40511aa7773b55fe2617a8f4a09c3b613d462e55516704bd63fb7af
a47983b1600fee7928cfa987bac2ea0f4b081c2a206169ac737f4e31adae586c
a8e4ef1cc04ae62af3a3dd02dbd23af470f8868787bee2b679110554a42bf6c7
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
b39af19a1289a35c0b417a67ef01457a56f47dcefbf9b40f6d469abd9756bf53
b3b8b9386b3ed69049bd0df605f9e155bf41ecda816d74956f48aa10b0886532
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
be98a11b509ca367de82d54a0f7b9014bb75cf5c27efedcc9cf326d8d50ecedb
c1fbce09d771064111524ad6d9d4eacafe00c18e3c6f989ea267446d0cc96b6f
c4868da79975a22cdb5d5ae457b4bc54eb83fdeea9879bb2f6a9382c0128a137
c56be7d3ef60ad32d87fa2ee35a61ef5bc011f0c5e40d5e2d156a45ee5b96644
c619eb1da12711acf435d1c27407fa627c627ee255ad9e36d28b03ff60288c5b
c6a1ccfd6ef11651d0367c31a1b093d191c819faf1eeee4fb2661d90bd40f35b
cdf19e8e6de965d0834319bd1401d7d6fd789aae1d43aaccbe85eb88787371c8
d1157894031d79ef4a2dbe2334b770c7f70839adab84d678a3f9c6ff019eec98
d6180a3a877c83656cfec024cc9390b31e57e90b902f3dcfadd51e0061b26752
d68ec62164ac498171ae1abd91d29ab61a814f23688ee5a09edbfa03cf0652f1
d6ad9bec19e46e8ab82093970d2537a97180a79dd8f2f68710b02c256dd007a8
d6bea8fc60434a98a3a0f11534bac6e6924e27df70392e8394f7191bf116e2f1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d865b411dc951776f97becd9238d074c3337c5daa22595fa8456b77643fa841f
d970a2c2730733f959e591fd55cefdcc20c579d52e89812a7a6929572626e0f2
dc6f3b9cfbf0c629b5b72d28023fc93652a183da8e0939bbf7314d5a7abfafe9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0015423ad7ba44201ee193f29055034958b12423f60928aa0c65e13a1e4d13
df6c20d4e0b90c91c765bab675dbc61862d7767271fe8cc797d8b440b2233db1
e02a7508966d3e3d2f68180c92c281611a62ba286bd88de4271ac312ee469b4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a30ab007939335bbf745c994f81fa69e554b02a85b310fbd583530ad317ad0
e6ae4684d10bc96208113225edd42e2c63f059095dbe91963d32f2a7a256a6ee
e9981b4b25ad0e281552c0d99263f8ed0b5e53814659f09732b57fe68790ec95
eac1a12f6aa18f23ee481ff7e3eb945da1ad5afd12f61b6e4307a95acc759bc6
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee4bfed669752e41099e95df415ea2d69d2be330c12f0440f035d5faec88fe55
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a
f9470cb65d2cbef439bbd3a81e07a336e5bdc814c4045a03476388645158e129
fb8de6f5f1ba6c137829e748e048ab6c40722f05e55ca945261b1ff1625d6460
fd73327db582e280dab83a29ede6769447bf130b303fdb6040cfe6b6b3dc1375

lp.canadianvisaexpert.com Open in urlscan Pro 2606:4700:10::ac43:698 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

98 %HTTPS

77 %IPv6

21 Domains

30 Subdomains

26 IPs

6 Countries

2202 kBTransfer

5727 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lp.canadianvisaexpert.com Open in urlscan Pro
2606:4700:10::ac43:698 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

98 %
HTTPS

77 %
IPv6

21
Domains

30
Subdomains

26
IPs

6
Countries

2202 kB
Transfer

5727 kB
Size

16
Cookies

120 HTTP transactions
1 data transactions