www.above.com Open in urlscan Pro
103.224.182.24  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ww25.capialone.ca/ Page URL
2. http://ww25.capialone.ca/listing Page URL
3. https://www.above.com/marketplace/capialone.ca Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

• https://v2.zopim.com/?2t3F7kW0hNrM42m15GE81Ox9awj7kQy2 HTTP 302
• https://static.zdassets.com/ekr/asset_composer.js

Request Chain 71

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3546452%26time%3D1705201595188%26url%3Dhttps%253A%252F%252Fwww.above.com%252Fmarketplace%252Fcapialone.ca%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&cookiesTest=true&liSync=true

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response ww25.capialone.ca/	1021 B 2 KB	1144ms 712ms	Document text/html	199.59.243.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww25.capialone.ca/ Protocol HTTP/1.1 Server 199.59.243.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a3a5beee3acd04b65484fa58adc985a203419a6897f323033522fd24b340afd6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ch sec-ch-prefers-color-scheme cache-control no-store, max-age=0 content-length 1021 content-type text/html; charset=utf-8 critical-ch sec-ch-prefers-color-scheme date Sun, 14 Jan 2024 03:06:29 GMT vary sec-ch-prefers-color-scheme x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_LlB1HM62QVGFDL7+zhF2AHtsF2mikqe/NMVmnDX8fAn/Gnb+CetXGtkkqHmioOqZ0hWTjyUd/EejR9j8/T/ozw== x-request-id 6f40deb7-a9bd-48dd-9b98-4b047aff6629
GET H/1.1	200 OK	bhwtNfRei.js Show response ww25.capialone.ca/	31 KB 32 KB	507ms 475ms	Script application/javascript	199.59.243.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww25.capialone.ca/bhwtNfRei.js Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/ Protocol HTTP/1.1 Server 199.59.243.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 42789b56ef9ea52e8ecee805f214f4ce21beed10147a76cf648399f20318ddbc Request headers accept-language en-CA,en;q=0.9 Referer http://ww25.capialone.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:30 GMT content-length 32103 x-request-id 0b55fe1b-9fb1-4efa-bcfc-ffc67c73179d content-type application/javascript; charset=utf-8
POST H/1.1	200 OK	_fd Show response ww25.capialone.ca/	829 B 1 KB	335ms 335ms	Fetch text/html	199.59.243.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww25.capialone.ca/_fd Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/bhwtNfRei.js Protocol HTTP/1.1 Server 199.59.243.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 3f9880b3e44b717401516fbb171e4c026fadb54830d0883c2cbfba5a660ac78c Request headers Accept application/json Referer http://ww25.capialone.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/json Response headers x-version 2.110.6 date Sun, 14 Jan 2024 03:06:30 GMT content-encoding gzip pragma no-cache server openresty content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 581 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	caf.js www.google.com/adsense/domains/	146 KB 54 KB	483ms 42ms	Script text/javascript	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/domains/caf.js Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/bhwtNfRei.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://ww25.capialone.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:31 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "2659151770424299052" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes link <https://www.adsensecustomsearchads.com>; rel="preconnect" expires Sun, 14 Jan 2024 03:06:31 GMT
GET H2	200	cookie.js partner.googleadservices.com/gampad/	378 B 592 B	177ms 90ms	Script text/javascript	142.250.31.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.capialone.ca&client=undefined&product=SAS&callback=__sasCookie Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://ww25.capialone.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:31 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 241 x-xss-protection 0
GET H/1.1	200 OK	listing Show response ww25.capialone.ca/	1 KB 2 KB	314ms 314ms	Document text/html	199.59.243.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww25.capialone.ca/listing Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/bhwtNfRei.js Protocol HTTP/1.1 Server 199.59.243.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 6a6361f327897a559e096076e262a221f0ab75722388d017ce646ced66a8eb71 Request headers Referer http://ww25.capialone.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ch sec-ch-prefers-color-scheme cache-control no-store, max-age=0 content-length 1085 content-type text/html; charset=utf-8 critical-ch sec-ch-prefers-color-scheme date Sun, 14 Jan 2024 03:06:30 GMT vary sec-ch-prefers-color-scheme x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_VoUgqNpuVLl90wXf0XupE4U08BVLWXCg1BE4do8DmNuuWgElsmVXuJNGroOzIUdmf3a1Zy/Po8riYL9KRbX39Q== x-request-id 8afb3c22-9f42-44cc-a8a5-560fe2b78eac
GET H/1.1	200 OK	bQxGHAcAQ.js Show response ww25.capialone.ca/	31 KB 32 KB	311ms 311ms	Script application/javascript	199.59.243.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww25.capialone.ca/bQxGHAcAQ.js Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/listing Protocol HTTP/1.1 Server 199.59.243.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 42789b56ef9ea52e8ecee805f214f4ce21beed10147a76cf648399f20318ddbc Request headers accept-language en-CA,en;q=0.9 Referer http://ww25.capialone.ca/listing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:31 GMT content-length 32103 x-request-id ca58ee9a-78ee-4d2d-81dd-3e9c3f797871 content-type application/javascript; charset=utf-8
POST H/1.1	200 OK	_fd Show response ww25.capialone.ca/	829 B 1 KB	336ms 336ms	Fetch text/html	199.59.243.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww25.capialone.ca/_fd Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/bQxGHAcAQ.js Protocol HTTP/1.1 Server 199.59.243.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 8c1312490d844cd0d52f915c2de7bebb3075db72f239e2dd28d70ccc5e461968 Request headers Accept application/json Referer http://ww25.capialone.ca/listing accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/json Response headers x-version 2.110.6 date Sun, 14 Jan 2024 03:06:31 GMT content-encoding gzip pragma no-cache server openresty content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 592 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	caf.js www.google.com/adsense/domains/	146 KB 53 KB	39ms 38ms	Script text/javascript	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/domains/caf.js Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/bQxGHAcAQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://ww25.capialone.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:32 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "2659151770424299052" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes link <https://www.adsensecustomsearchads.com>; rel="preconnect" expires Sun, 14 Jan 2024 03:06:32 GMT
POST		_tr ww25.capialone.ca/	0 0
GET H2	200	Primary Request capialone.ca Show response www.above.com/marketplace/	61 KB 15 KB	490ms 257ms	Document text/html	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/capialone.ca Requested by Host: ww25.capialone.ca URL: http://ww25.capialone.ca/bQxGHAcAQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 96a6a93a373b92de41e92351504495e91715c5caa55bb0aa488bac5a8939ed22 Request headers Referer http://ww25.capialone.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 14858 content-type text/html; charset=UTF-8 date Sun, 14 Jan 2024 03:06:33 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding
GET H2	200	61d644614c.css kit.fontawesome.com/	399 B 511 B	161ms 84ms	Stylesheet text/css	104.18.40.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/61d644614c.css Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f393a6a70189d1b01a5e2b9955b53420a0fb5d0fce6ac6364be803ad71f106c Request headers Referer https://www.above.com/ Origin https://www.above.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip cf-cache-status REVALIDATED server cloudflare vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/css cache-control max-age=300, public, stale-while-revalidate=30 cf-ray 8452a9e728a836d9-YYZ access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F5yFbXVl9b5AYDkAtnnC
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.1/	82 KB 30 KB	153ms 50ms	Script text/javascript	172.253.62.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.62.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bc-in-f95.1e100.net Software sffe / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 08:53:55 GMT content-encoding gzip x-content-type-options nosniff age 324758 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29671 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 08:53:55 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/	234 KB 63 KB	181ms 79ms	Script text/javascript	172.253.62.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.62.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bc-in-f95.1e100.net Software sffe / Resource Hash 7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:05:53 GMT content-encoding gzip x-content-type-options nosniff age 324040 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64362 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 09:05:53 GMT
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/	157 KB 25 KB	121ms 49ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.above.com/ Origin https://www.above.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 894 age 3946145 cdn-cachedat 06/21/2022 18:36:46 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 server cloudflare etag W/"816af0eddd3b4822c2756227c7e7b7ee" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 918b7ee597031ca3f60ee0d7b9b40770 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8452a9e71b6e3a00-YYZ cdn-requestpullsuccess True
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/	59 KB 16 KB	103ms 31ms	Script application/javascript	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.above.com/ Origin https://www.above.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 876 age 3863215 cdn-cachedat 10/31/2023 18:52:29 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"02d223393e00c273efdcb1ade8f4f8b1" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 6ee9b5415e46dee0a73a9b6ca1556c25 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8452a9e71b713a00-YYZ cdn-requestpullsuccess True
GET H2	200	aboveGlobal.css www.above.com/css/	48 KB 11 KB	119ms 101ms	Stylesheet text/css	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/css/aboveGlobal.css?1704951657 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 082718ff1e499fe1028a8cdc6501b478d32c27c6cbcae7128f6377a664da2cbf Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 11 Jan 2024 05:40:57 GMT server Apache etag "bed2-60ea4fddfec40-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 10607
GET H2	200	marketplace.css www.above.com/css/	77 KB 15 KB	187ms 169ms	Stylesheet text/css	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/css/marketplace.css?1704861983 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash dbedb0d2ccece5f72f45a2e2d0bb33cff27d6ad7a20164fdf0e89f184bb9228d Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 04:46:23 GMT server Apache etag "132e8-60e901ce345c0-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 14998
GET H2	200	css fonts.googleapis.com/	395 B 719 B	152ms 51ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Patua+One Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash 3a05de4e0bed4676c6d27c17beff2ed294baf56958a06dc1830d48aabb7a1234 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 14 Jan 2024 02:27:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 14 Jan 2024 03:06:33 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 643 B	152ms 52ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash 289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 14 Jan 2024 01:27:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 14 Jan 2024 03:06:33 GMT
GET H2	200	css fonts.googleapis.com/	44 KB 2 KB	158ms 57ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash fe84d1195caaf2b86d19b452a6b52c4571d3d3cb38874d1e5f983bb1bc894a75 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 14 Jan 2024 03:02:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 14 Jan 2024 03:06:33 GMT
GET H2	200	jquery-migrate-1.2.1.min.js Show response www.above.com/marketplace/javascript/	7 KB 3 KB	115ms 98ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/jquery-migrate-1.2.1.min.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "1c20-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3068
GET H2	200	lity.min.css www.above.com/css/	3 KB 1 KB	102ms 85ms	Stylesheet text/css	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/css/lity.min.css Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash d56f1130b96200c85d2d091951dea5abf9dca6b29fcf0e967502f3a203e54dca Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:57 GMT server Apache etag "ca3-609b32f434e40-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1031
GET H2	200	lity.min.js Show response www.above.com/js/	5 KB 2 KB	113ms 97ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/js/lity.min.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 34ee4a5f5e711f4770173073d9abc75b35b909ddd8b774183a55bfb02bbf1fc8 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "132e-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2263
GET H2	200	auction.js Show response www.above.com/marketplace/javascript/	62 KB 12 KB	183ms 170ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/auction.js?1703586409 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash edd7895b04d9e0ac52848374737bdbc8ebee13b1adfd659209b49171b63f1c74 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Tue, 26 Dec 2023 10:26:49 GMT server Apache etag "f88b-60d671ec0ac40-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 11663
GET H2	200	validations.js Show response www.above.com/marketplace/javascript/	11 KB 3 KB	181ms 168ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/validations.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash c6e0970e64ce8c2dbc0756d1f7dad29adb6aca546d7e81fbb3fbf0a6f7f72096 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "2def-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2713
GET H2	200	login.js Show response www.above.com/js/	2 KB 1023 B	188ms 175ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/js/login.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 4eac49e1c94d5710054427f42c6ccd4fb9cf49c2f80b3fa4f8aff1c0e799b160 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "844-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 849
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 884 B	62ms 56ms	Script text/javascript	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software GSE / Resource Hash c4ea51d0d963e279eaaf5992c5267cb19c650e9af5d239612ec69f8d5736b5fd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sun, 14 Jan 2024 03:06:33 GMT
GET H2	200	capswarn.js Show response www.above.com/marketplace/javascript/	2 KB 894 B	187ms 176ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/capswarn.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash d13aad49a9c3399ce31b39937cfe96ec65b8ce987d4e9da70d0fde40ae91b4bf Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "74c-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 720
GET H2	200	jquery-ui.css www.above.com/css/	33 KB 6 KB	109ms 99ms	Stylesheet text/css	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/css/jquery-ui.css Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 28e8833941f30721dd2d1571ff4e49704fcd00e71cfd4181cf2ee884f01aa82b Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Tue, 26 Dec 2023 10:26:49 GMT server Apache etag "8554-60d671ec0ac40-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6379
GET H2	200	timer.js Show response www.above.com/marketplace/javascript/	1 KB 782 B	186ms 176ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/timer.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 131ce2df729f502cb88aced1acc3b342213d3e91af1dddf39c43a5f4e89b246a Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "5a0-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 608
GET H2	200	email_check.js Show response www.above.com/js/	603 B 425 B	180ms 170ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/js/email_check.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash be67d87ca5a2c45dd4d4448a03fbfe56b32bf6ec06310874319c15c52b544309 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "25b-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 251
GET H2	200	offer_new.css www.above.com/marketplace/css/	10 KB 3 KB	102ms 92ms	Stylesheet text/css	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/css/offer_new.css?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash cab892fe3f0bae933bbbeb317762dbc8cd04142df6cb83dc32e31f2865fec403 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "2972-609b32f529080-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2477
GET H2	200	offer_new.css www.above.com/marketplace/css/	10 KB 3 KB	96ms 87ms	Stylesheet text/css	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/css/offer_new.css?1551251438 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash cab892fe3f0bae933bbbeb317762dbc8cd04142df6cb83dc32e31f2865fec403 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "2972-609b32f529080-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2477
GET H2	200	multi-select.js Show response www.above.com/marketplace/javascript/	33 KB 8 KB	374ms 366ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/multi-select.js Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 77e8b9241d3824500dd4877cfb57b1f878f2f07c38e7e2627224a0fda3588c46 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "8565-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 7852
GET H2	200	market_menu.js Show response www.above.com/marketplace/javascript/	12 KB 3 KB	194ms 186ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/market_menu.js Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 07e9a1ea32dcc8a57a88c62a2750696a8cf324967e5f5a429e67bf1e35e2b49e Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "2f74-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2427
GET H2	200	jquery.cycle.lite.js Show response www.above.com/marketplace/javascript/	8 KB 3 KB	373ms 364ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/jquery.cycle.lite.js Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 47c069dccb386d8b6597f16dba8d978124638472011802759f3a9a23626b1138 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "1ef7-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2400
GET H2	200	above-mp.png www.above.com/marketplace/img/	4 KB 4 KB	179ms 171ms	Image image/png	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/above-mp.png Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 0b7e8f59179c93398b409396dedc6d5f173e1fd8de15164a7cdad23a534d2032 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "114b-609b32f529080" content-length 4427 content-type image/png
GET H2	200	forsalebg1.jpg www.above.com/marketplace/img/for-sale-backgrounds/	219 KB 219 KB	193ms 185ms	Image image/jpeg	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/for-sale-backgrounds/forsalebg1.jpg Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 95eea6743a6b2fff58d0cebe7be2f737093caa053475fd2943f00baa69a260e6 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "36b35-609b32f529080" content-length 224053 content-type image/jpeg
GET H2	200	forsalebg2.jpg www.above.com/marketplace/img/for-sale-backgrounds/	498 KB 498 KB	348ms 344ms	Image image/jpeg	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/for-sale-backgrounds/forsalebg2.jpg Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 399f8afe30091ceb4d42c5b6d12730354be0a9762ee28cdccbde0beea27fbb33 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "7c7fc-609b32f529080" content-length 509948 content-type image/jpeg
GET H2	200	forsalebg3.jpg www.above.com/marketplace/img/for-sale-backgrounds/	566 KB 566 KB	415ms 408ms	Image image/jpeg	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/for-sale-backgrounds/forsalebg3.jpg Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash eeec70c009ccc824627ff3f85b7551bfcaef387a4d073ba1b896ea166ff6eb48 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "8d75f-609b32f529080" content-length 579423 content-type image/jpeg
GET H2	200	forsalebg4.jpg www.above.com/marketplace/img/for-sale-backgrounds/	504 KB 504 KB	416ms 410ms	Image image/jpeg	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/for-sale-backgrounds/forsalebg4.jpg Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 064b9facfe2586af98430567bd49a172e2afda6b178a816cfa0086cb7ef0994e Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "7df79-609b32f529080" content-length 515961 content-type image/jpeg
GET H2	200	forsalebg5.jpg www.above.com/marketplace/img/for-sale-backgrounds/	328 KB 329 KB	415ms 411ms	Image image/jpeg	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/for-sale-backgrounds/forsalebg5.jpg Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash e162a47dc7e7e64f31081d3a2475ca4f225f2b3fa37e251264e43acbd0bd31ed Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "52148-609b32f529080" content-length 336200 content-type image/jpeg
GET H2	200	forsalebg6.jpg www.above.com/marketplace/img/for-sale-backgrounds/	257 KB 257 KB	1627ms 1623ms	Image image/jpeg	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/for-sale-backgrounds/forsalebg6.jpg Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash f6effa3bac6ea4a1ba93246a45f43cfdedd3c46be0caa3c5c2f477c62e70176a Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "404c5-609b32f529080" content-length 263365 content-type image/jpeg
GET H2	200	gtm.js Show response www.googletagmanager.com/	221 KB 78 KB	140ms 55ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 157027a9099d61899cd928683618bdf408079c06b3d037dce7c9ca8d7ea41b6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79758 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 14 Jan 2024 03:06:33 GMT
GET H2	200	tipsy.jquery.js Show response www.above.com/marketplace/javascript/	7 KB 2 KB	417ms 411ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/tipsy.jquery.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash 44ccceb9930f4bdb377eac732129f35ab8f413c779f0eb684310b93cbb19017e Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "1cee-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1982
GET H2	200	overlib_mini.js Show response www.above.com/marketplace/javascript/	36 KB 10 KB	1628ms 1623ms	Script application/javascript	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://www.above.com/marketplace/javascript/overlib_mini.js?1699515058 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash a161f84f77a4da38e322f2181e1ee6bca6f7d95ae3eff6bddd1bbfdd51f2dab4 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache etag "9163-609b32f529080-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 10473
GET H2	200	pro.min.css ka-p.fontawesome.com/releases/v6.5.1/css/	669 KB 117 KB	117ms 51ms	Stylesheet text/css	172.64.147.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=61d644614c Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/61d644614c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e Request headers accept-language en-CA,en;q=0.9 Referer https://kit.fontawesome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 30 Nov 2023 17:25:52 GMT server cloudflare age 3480501 etag "6568c5a0-1d52d" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 8452a9e81b585401-YYZ content-length 120109
GET H2	200	pro-v4-shims.min.css ka-p.fontawesome.com/releases/v6.5.1/css/	27 KB 4 KB	106ms 41ms	Stylesheet text/css	172.64.147.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=61d644614c Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/61d644614c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c Request headers accept-language en-CA,en;q=0.9 Referer https://kit.fontawesome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 30 Nov 2023 17:25:51 GMT server cloudflare age 3819630 etag "6568c59f-10e7" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 8452a9e81b595401-YYZ content-length 4327
GET H2	200	pro-v5-font-face.min.css ka-p.fontawesome.com/releases/v6.5.1/css/	50 KB 7 KB	99ms 33ms	Stylesheet text/css	172.64.147.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=61d644614c Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/61d644614c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c Request headers accept-language en-CA,en;q=0.9 Referer https://kit.fontawesome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 30 Nov 2023 17:25:52 GMT server cloudflare age 3819630 etag "6568c5a0-1c12" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 8452a9e81b545401-YYZ content-length 7186
GET H2	200	pro-v4-font-face.min.css ka-p.fontawesome.com/releases/v6.5.1/css/	7 KB 2 KB	100ms 35ms	Stylesheet text/css	172.64.147.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=61d644614c Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/61d644614c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c Request headers accept-language en-CA,en;q=0.9 Referer https://kit.fontawesome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 30 Nov 2023 17:25:51 GMT server cloudflare age 3819630 etag "6568c59f-6c5" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 8452a9e81b565401-YYZ content-length 1733
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/	503 KB 202 KB	125ms 38ms	Script text/javascript	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software sffe / Resource Hash daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.above.com/ Origin https://www.above.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 20:18:22 GMT content-encoding gzip x-content-type-options nosniff age 110891 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205927 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 11 Jan 2025 20:18:22 GMT
GET H2	200	asset_composer.js Show response static.zdassets.com/ekr/ Redirect Chain https://v2.zopim.com/?2t3F7kW0hNrM42m15GE81Ox9awj7kQy2 https://static.zdassets.com/ekr/asset_composer.js	10 KB 5 KB	98ms 42ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/asset_composer.js Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:34 GMT x-amz-version-id UVyRrNCT14O0dfFWDj2LMoXLPgAxLFso content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 8AED5Z59RP2ZJ5DA age 33 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 ElxLPFWBDiDcYhbcgk9cHiY1l8AAJIp8quRVfaebLoSrCi9b40bn6GMr92MDUV4zrfnl436olRjMxc1/u3CR3Q== last-modified Wed, 09 Aug 2023 01:01:02 GMT server cloudflare etag W/"42d94c325a0b012e41f9c3907853625a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pf%2FbMLCCUoymtoPa9imV4eQT%2B1Gqgpho5YL1baxLZb20JHyfnGd3%2BF0d5wr%2F%2FT5XVNFMyp1hSJWvvSaDMgCH72PDeENgnZyZTd8nHKkf3QfuMvHQ%2BYuz2X65sfXEOjyuk%2BRyGMc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 8452a9eaef673987-YYZ Redirect headers location https://static.zdassets.com/ekr/asset_composer.js date Sun, 14 Jan 2024 03:06:33 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 server cloudflare cf-ray 8452a9ea0e8a39d8-YYZ vary Accept-Encoding expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	saletrans.png www.above.com/marketplace/img/	921 B 1 KB	1594ms 1592ms	Image image/png	103.224.182.24 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Show image Full URL https://www.above.com/marketplace/img/saletrans.png Requested by Host: www.above.com URL: https://www.above.com/marketplace/css/offer_new.css?1551251438 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.224.182.24 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS www.above.com Software Apache / Resource Hash a4e477b67d678a3de314adfb048d71e6279bbbb172b27e423ea8f230d9aae637 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/marketplace/css/offer_new.css?1551251438 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:33 GMT last-modified Thu, 09 Nov 2023 07:30:58 GMT server Apache accept-ranges bytes etag "399-609b32f529080" content-length 921 content-type image/png
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	114ms 38ms	Font font/woff2	172.253.115.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f94.1e100.net Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.above.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 04:28:31 GMT x-content-type-options nosniff age 81482 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 04:28:31 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	272 KB 90 KB	54ms 53ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DQB7CZVNQD&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash a69e199b37782b66614109eb1ad2fa2b2a31b1b9f47c0ea97d580bfaaa85688a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:34 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92394 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 14 Jan 2024 03:06:34 GMT
GET H2	200	4372769.js Show response js.hs-scripts.com/	2 KB 1 KB	174ms 66ms	Script application/javascript	104.16.190.89
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/4372769.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.89 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash e751db2b2ad6cd81706e11e8a0917a2c72622dcb5cd3ed52b9dd34ed3ea6a7fc Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:34 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 49bccb8b-c1db-41d5-82b1-8c9d57e555fa x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 49bccb8b-c1db-41d5-82b1-8c9d57e555fa last-modified Sun, 14 Jan 2024 02:57:34 GMT server cloudflare x-trace 2B8A40660CD23BC637D83EE43A6AA469A91153D6ED000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.above.com x-evy-trace-virtual-host all cache-control public, max-age=90 access-control-allow-credentials true x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-fcdc68c87-6wqts cf-ray 8452a9ed8a3836d7-YYZ expires Sun, 14 Jan 2024 03:08:04 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	122ms 35ms	Script text/javascript	142.251.16.113
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.113 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 14 Jan 2024 01:37:38 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 5336 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 14 Jan 2024 03:37:38 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	1 KB 787 B	641ms 56ms	Script application/javascript	23.222.27.152
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.222.27.152 -, , ASN (), Reverse DNS Software / Resource Hash bbed830caf31bfde1f3efc8aac364b6c2d3c3932cdae9b930bda0dc5c0f833e2 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 11 Jan 2024 17:26:20 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=34323 accept-ranges bytes content-length 577
GET H2	200	2t3F7kW0hNrM42m15GE81Ox9awj7kQy2 Show response ekr.zdassets.com/compose/zopim_chat/	824 B 1 KB	436ms 149ms	Fetch application/json	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/zopim_chat/2t3F7kW0hNrM42m15GE81Ox9awj7kQy2 Requested by Host: v2.zopim.com URL: https://v2.zopim.com/?2t3F7kW0hNrM42m15GE81Ox9awj7kQy2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1412b36f16383135159bc8817fae93e71139362f6148fde0b5a3fd8865bc2cb4 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 8308fa63bd9eb419-SEA, 8308fa63bd9eb419-SEA x-runtime 0.004343 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"1412b36f16383135159bc8817fae93e7" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p4Sdja1BdxDkeLq7p7Yq8K%2FYcMbuNWJ01JLNZvbMN42o4urTw%2FxxxPA980yTyXferfl37rXARLj%2BdDkrYi5J3Gmfoe7GeMVAkw%2Bswq3F19RtUmVDhKx9Dy1pnRp1dx1G4U%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 8452a9f16a06a223-YYZ
GET H2	200	4372769.js Show response js.hs-analytics.net/analytics/1705201500000/	66 KB 21 KB	357ms 93ms	Script text/javascript	104.16.79.186
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1705201500000/4372769.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/4372769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.79.186 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 06eb092ebc4b01f458a65ce934920f4e55a1b265af0df196c7d8a92b7659fc7a Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id TJJWFHSZWY36WT6Z x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 9c7ddd10-49a5-45c4-9b64-b39645e4c3a7 x-envoy-upstream-service-time 20 x-amz-id-2 HKXXdf68NqT1g17s3U6NkCYzuATb92T/dRQ9QIrKo8CC3PXDXN09ScBTbKba2tjhIGex5RDFRqB4mUDk/WYDs/t0c6jH+7hP x-evy-trace-listener listener_https x-request-id 9c7ddd10-49a5-45c4-9b64-b39645e4c3a7 x-evy-trace-route-configuration listener_https/all last-modified Wed, 03 Jan 2024 16:30:29 GMT server cloudflare etag W/"4a104ce834830944e38cb1e4a650905d" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-dk98m cache-control max-age=300,public access-control-allow-credentials false cf-ray 8452a9f1687a369c-YYZ expires Sun, 14 Jan 2024 03:11:35 GMT
GET H2	200	conversations-embed.js Show response js.usemessages.com/	84 KB 24 KB	299ms 39ms	Script application/javascript	104.17.247.168
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/4372769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.247.168 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT x-amz-version-id KYDl9V0le_8eNyhqu8y2yzPaUoKjKmsM via 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 539 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15030/bundles/project.js&cfRay=84529cc86c0e36fc-YYZ x-cache Hit from cloudfront x-hubspot-correlation-id f2e4b84d-f33b-452d-8ebf-c1d31316ea9b cache-tag staticjsapp-conversations-embed-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id f2e4b84d-f33b-452d-8ebf-c1d31316ea9b last-modified Wed, 20 Dec 2023 17:16:05 UTC server cloudflare etag W/"64e2daa01b1349fee44794df69e776a8" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-bf946f66b-j2dfp cf-ray 8452a9f1680236d8-YYZ x-amz-cf-id HTNlOIrdtdzev6TOtKoTN95PKIlaXjotufskMKPQLI1LEex9gPOmHw== x-hs-target-asset conversations-embed/static-1.15030/bundles/project.js
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	326ms 68ms	Script application/javascript	104.17.231.163
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/4372769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.231.163 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash d9092cb4fb3eafe925fa67a4dc6b62b7c769cbcb9a1420ecaf4b5d80edeae726 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT x-amz-version-id 5iFzgPv7W58VCAVxkHMx4QTA.7HcSoUh via 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 90 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.510/bundles/pixels-release.js&cfRay=8452a7be7f2aa24c-YYZ x-cache Hit from cloudfront x-hubspot-correlation-id 17ad4296-7efe-494e-9dee-b89ea5fdb242 cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 17ad4296-7efe-494e-9dee-b89ea5fdb242 last-modified Mon, 08 Jan 2024 15:41:50 UTC server cloudflare etag W/"ef358d7718df65ca620b75c779a3c331" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-bf946f66b-j2dfp cf-ray 8452a9f16b9736b2-YYZ x-amz-cf-id 2L2Nn0VYcHM2HklKscB9y9m41rAsk6PC2XoDCqSSMs7KEhbXUngeYQ== x-hs-target-asset adsscriptloaderstatic/static-1.510/bundles/pixels-release.js
GET H2	200	banner.js Show response js.hs-banner.com/v2/4372769/	65 KB 21 KB	349ms 92ms	Script text/javascript	172.64.153.27
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/4372769/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/4372769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.153.27 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash f2b758abb543f795bf7b64266fcc6f355261849dc58a93f2db0b388ac277db36 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT x-amz-version-id oJSOGpPlvMDE7cZhFyWM_TA3NvBbNxe8 content-encoding br cf-cache-status REVALIDATED x-amz-request-id PZEFZ51X5B0XKABJ x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 9dd6557a-b6c5-4ca2-8da0-74e439618edd x-envoy-upstream-service-time 55 x-amz-id-2 Ifx3O6idViRCXXvxsBzREz7i6Ay4UU6aOctmAAa6L6pVTdKk3c0JFsdl8czg2m7th+aLmdRNMNo= x-evy-trace-listener listener_https x-request-id 9dd6557a-b6c5-4ca2-8da0-74e439618edd x-evy-trace-route-configuration listener_https/all last-modified Thu, 11 Jan 2024 22:22:51 GMT server cloudflare etag W/"daf7e8401a3133413263a4ca60a92e2d" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.above.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-xjg99 vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 8452a9f16dbb542b-YYZ expires Sun, 14 Jan 2024 03:11:35 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 208 B	47ms 47ms	XHR text/plain	142.251.16.113
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=134970704&t=pageview&_s=1&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&dr=http%3A%2F%2Fww25.capialone.ca%2F&ul=en-us&de=UTF-8&dt=capialone.ca%20-%20Above.com%20Marketplace&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1306181258&gjid=1680834627&cid=557583635.1705201595&tid=UA-62880640-4&_gid=251539844.1705201595&_r=1&_slc=1&gtm=45He41a0n81KKGWZHBv853238206&gcd=11l1l1l1l1&dma=0&z=819753492 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.113 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.above.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.above.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/	0 244 B	185ms 52ms	Ping text/plain	142.251.163.101
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-DQB7CZVNQD&gtm=45je41a0v871550789z8853238206&_p=1705201593377&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=557583635.1705201595&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705201594&sct=1&seg=0&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&dr=http%3A%2F%2Fww25.capialone.ca%2F&dt=capialone.ca%20-%20Above.com%20Marketplace&en=page_view&_fv=1&_ss=1&tfd=2086 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DQB7CZVNQD&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.101 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.above.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 244 B	186ms 55ms	Ping text/plain	172.253.115.156
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQB7CZVNQD&cid=557583635.1705201595&gtm=45je41a0v871550789z8853238206&aip=1&dma=0&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DQB7CZVNQD&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.156 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.above.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 408 B	190ms 60ms	Image image/gif	172.253.63.94
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQB7CZVNQD&cid=557583635.1705201595&gtm=45je41a0v871550789z8853238206&aip=1&dma=0&gcd=11l1l1l1l1&z=777797749 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.94 -, , ASN (), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:35 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	59ms 56ms	XHR text/plain	172.253.115.156
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62880640-4&cid=557583635.1705201595&jid=1306181258&gjid=1680834627&_gid=251539844.1705201595&_u=YEBAAEAAAAAAACAAI~&z=1128750805 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.156 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.above.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 14 Jan 2024 03:06:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.above.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	42 KB 15 KB	62ms 60ms	Script application/javascript	23.222.27.152
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.222.27.152 -, , ASN (), Reverse DNS Software / Resource Hash f0822081c33dc4a9cabd9255d574f89280925c4e1f833eefb49a966243014572 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 11 Jan 2024 18:06:16 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=38364 accept-ranges bytes content-length 15605
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	57ms 53ms	Image image/gif	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-62880640-4&cid=557583635.1705201595&jid=1306181258&_u=YEBAAEAAAAAAACAAI~&z=1471340513 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:35 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 107 B	54ms 50ms	Image image/gif	172.253.63.94
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-62880640-4&cid=557583635.1705201595&jid=1306181258&_u=YEBAAEAAAAAAACAAI~&z=1471340513 Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.94 -, , ASN (), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:35 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3546452%26time%3D1705201595188%26url%3Dhttps%253A%252F%252Fwww.above.com%252Fmark... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&cookiesTest=true&liSync=true	0 398 B	139ms 139ms	Image application/javascript	13.107.42.14
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&cookiesTest=true&liSync=true Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H2 Server 13.107.42.14 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:35 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 270327E35EBA401FB7765D4005308597 Ref B: YTO01EDGE0820 Ref C: 2024-01-14T03:06:35Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYO3y9mfTI6rCwIg27CIQ== Redirect headers strict-transport-security max-age=31536000 content-security-policy default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default x-content-type-options nosniff date Sun, 14 Jan 2024 03:06:35 GMT linkedin-action 1 x-cache CONFIG_NOCACHE content-length 0 x-li-uuid AAYO3y9i6lz4i/plZvbwrw== pragma no-cache x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: E9758EBE18864761AD86DF1B899E98E6 Ref B: YTO01EDGE0820 Ref C: 2024-01-14T03:06:35Z x-frame-options sameorigin x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3546452&time=1705201595188&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&cookiesTest=true&liSync=true cache-control no-cache, no-store x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	public Show response api.hubspot.com/livechat-public/v1/message/	280 B 1 KB	88ms 87ms	XHR application/json	104.19.155.83
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=4372769&conversations-embed=static-1.15030&mobile=false&messagesUtk=65cb203bd2ee429c818c375e852db59f&traceId=65cb203bd2ee429c818c375e852db59f&referrer=http%3A%2F%2Fww25.capialone.ca%2F Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.155.83 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b7321f45be763370ea73e2f0b84e57d74b826570eded14e80d9b069b5e75561a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.above.com/ accept-language en-CA,en;q=0.9 X-HubSpot-Messages-Uri https://www.above.com/marketplace/capialone.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 76d7be79-d729-4e71-835b-d9d79ad24230 x-envoy-upstream-service-time 9 content-length 222 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 76d7be79-d729-4e71-835b-d9d79ad24230 server cloudflare x-trace 2B572FE7A041F990E33BBE4B9507E5D6ADDE121F87000000000000000000 vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.above.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-fcdc68c87-m8z88 cache-control no-cache, no-store, no-transform, must-revalidate, max-age=0 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1BIWP0IAcA68mriC33pVoS6xHJDgFa%2B8a9HYInlYCeLpxDlIzd8f4Ga04Nxp3Az26cB7LankV%2B05H%2FJ5A%2BHyBo%2BB9o1ZU9YBdy71ZByjZ1N4EAdU5%2FMwOwlLnSEct31Pw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8452a9fb7a03369c-YYZ access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	115 B 1 KB	582ms 89ms	XHR application/json	104.17.201.204
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=4372769 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.204 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 2e28d7d0b7fb2980dbda3fcadf3e4ecebaaa90cff223d6242bdf726394cdaa60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id b11260e6-2091-4e1c-b414-dc3ed4f7c4c2 content-encoding br x-envoy-upstream-service-time 12 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id b11260e6-2091-4e1c-b414-dc3ed4f7c4c2 server cloudflare x-trace 2BB3E0CC561ACB04DEE2F81A92852144A38ED2C432000000000000000000 vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.above.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-fcdc68c87-52bh9 access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnWDnWfvoA4CusUUgUMjO4cJipFnsmlE%2FKyXT1qJBKXVNgznRX0XxvfXzknl8NxncMQV%2FfN4l19abj6aLSUOu4e3vJBetxAQEhK%2FYbijhC96NJ0tAc%2BJY%2BPsaddUAkY0"}],"group":"cf-nel","max_age":604800} cf-ray 8452a9fa2aa836b4-YYZ access-control-allow-headers *
GET H2	200	web-widget-main-1bfc6fa.js Show response static.zdassets.com/web_widget/classic/latest/ Frame A11C	923 KB 265 KB	75ms 75ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js Requested by Host: v2.zopim.com URL: https://v2.zopim.com/?2t3F7kW0hNrM42m15GE81Ox9awj7kQy2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT x-amz-version-id PAflfXOdiQDrMRVYun69YoketTkl1xNU content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 1BPBW7W4HNMQNRZQ age 3457063 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4= last-modified Tue, 05 Dec 2023 00:24:10 GMT server cloudflare etag W/"6f8511a72c96db8b22e6373718b842ed" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IW4wRR%2BpotdxCRRIiZsJPWyvtqwgtVgYPkD3cQnkxlvxd6aS6tP8N1HQtwxNfPtCbVsMg8Nh7Rd%2FKRg2kdwX9r3vijB7zvt%2BVrZnxA8KI9WnlJnF3QfvqxggeeTli3eyqpEkhB0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8452a9f738623987-YYZ expires Wed, 04 Dec 2024 00:24:09 GMT
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 00B2	40 KB 25 KB	87ms 81ms	Document text/html	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software GSE / Resource Hash c6426d2a43b53e2d068f4d49f7b185085fd0b5082cf93b794305c41ac7bf91f7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-JRhXZ-NVYR-BG03ipBw7dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.above.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-JRhXZ-NVYR-BG03ipBw7dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 14 Jan 2024 03:06:36 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame E891	41 KB 25 KB	103ms 97ms	Document text/html	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software GSE / Resource Hash 819aac9232d5fd1ddb6244329348232f93789c92f1c53b6b5e304b0937234906 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-inD8N3D49DUaeCzyngZMkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.above.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-inD8N3D49DUaeCzyngZMkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 14 Jan 2024 03:06:36 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 194 B	115ms 114ms	XHR text/plain	13.107.42.14
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.42.14 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://www.above.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 14 Jan 2024 03:06:35 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: ED11D98A2E2B4627A55CD28EF0610023 Ref B: YTO01EDGE0820 Ref C: 2024-01-14T03:06:36Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.above.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYO3y9o2clsX1/TmNaKzA==
OPTIONS H2	200	public api.hubspot.com/livechat-public/v1/message/ Frame	0 0	705ms 212ms	Preflight text/plain	104.19.155.83
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=4372769&conversations-embed=static-1.15030&mobile=false&messagesUtk=65cb203bd2ee429c818c375e852db59f&traceId=65cb203bd2ee429c818c375e852db59f&referrer=http%3A%2F%2Fww25.capialone.ca%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.155.83 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers x-hubspot-messages-uri Access-Control-Request-Method GET Origin https://www.above.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers access-control-allow-credentials false access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-origin https://www.above.com allow HEAD,GET,OPTIONS cf-cache-status DYNAMIC cf-ray 8452a9fa2ed5369c-YYZ content-length 18 content-type text/plain; charset=utf-8 date Sun, 14 Jan 2024 03:06:36 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6%2BbmQpRIhf8%2Bjq7nbOKejys5GxJc34s78%2Fr1DfDzKUWm5uPWbqgY9htd5jyz3YH70DlV1GCiI4w7I6p4zHSuvNpxm5BVRBnTiYIyy2xrDPR1kndMmG2KY11bdyUunbLWA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding x-content-type-options nosniff x-envoy-upstream-service-time 5 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-fcdc68c87-k74t7 x-evy-trace-virtual-host all x-hubspot-correlation-id f299beb1-8008-463c-ae70-63616c442621 x-request-id f299beb1-8008-463c-ae70-63616c442621 x-trace 2B80B66BA79021ED1602624001CC19E39A91E81EC1000000000000000000
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 00B2	55 KB 24 KB	125ms 41ms	Stylesheet text/css	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 22:41:56 GMT content-encoding gzip x-content-type-options nosniff age 15880 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 12 Jan 2025 22:41:56 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 00B2	503 KB 201 KB	124ms 40ms	Script text/javascript	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software sffe / Resource Hash daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 20:18:22 GMT content-encoding gzip x-content-type-options nosniff age 110894 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205927 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 11 Jan 2025 20:18:22 GMT
GET H2	200	en-us-json-1bfc6fa.js Show response static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame A11C	25 KB 6 KB	45ms 43ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT x-amz-version-id Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 1BPFGS4SBCJ216KA age 3457063 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE= last-modified Tue, 05 Dec 2023 00:24:12 GMT server cloudflare etag W/"6eb45e96a7cbb4b8ca10897f3cf09981" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN8Pnnt%2BXPel7ckSQSffgNsKkaEkXhBOw5RQtNT4f6aev2nNC82rkETzqdF7F5Dm5pDhX8I6JVciOva%2Fg3c%2BjwwCnQoz4%2FheQHp05qMQgi7vz8Zkk%2BO0jZeX9iTt2tmkls8hnVA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8452a9fbca593987-YYZ expires Wed, 04 Dec 2024 00:24:11 GMT
GET H2	200	config Show response trellian.zendesk.com/embeddable/ Frame A11C	480 B 1 KB	210ms 161ms	Fetch application/json	104.16.51.111
General Check archive.org Show headers Download Go to Full URL https://trellian.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.51.111 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b211be90f7039a1468526f61a23b9deacd2082c197eee259cc013716083d37bc Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-zendesk-origin-server embeddable-app-server-576b84b488-bfcxl x-cached MISS x-request-id 8452a9fc18465407-YYZ x-runtime 0.002251 last-modified Sun, 14 Jan 2024 02:37:13 GMT server cloudflare access-control-max-age 7200 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gI6R5wDiHCgdCmIU31KQgMp66%2FALR6ID2PElREfBFVmax1Hp%2BCJitGLIRDy3FmB1UXlxdILR6DxTTUfFQL5hekZjiRagyG7du6GuU%2FEj4aRIVGYRVuvWJi2PktiKmP7IjmjrZ3Y3"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control public, max-age=60, stale-while-revalidate=600, stale-if-error=3600 vary Origin, Accept-Encoding cf-ray 8452a9fc18465407-YYZ
GET H3	200	js Show response www.googletagmanager.com/gtag/	196 KB 71 KB	51ms 51ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-318991084 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash b5848da609cefd4cc2f77a66e9075b85884c60051daeec8c2273c2ae9a4a5771 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 72796 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 14 Jan 2024 03:06:36 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	196 KB 71 KB	61ms 60ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-318991084&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash f82bce95256b2c38732db3e7bacda354cd63f8062a1fb25b26d2bee50bc073b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 72758 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 14 Jan 2024 03:06:36 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E891	55 KB 24 KB	40ms 39ms	Stylesheet text/css	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 22:41:56 GMT content-encoding gzip x-content-type-options nosniff age 15880 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 12 Jan 2025 22:41:56 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E891	503 KB 201 KB	51ms 49ms	Script text/javascript	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software sffe / Resource Hash daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 20:18:22 GMT content-encoding gzip x-content-type-options nosniff age 110894 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205927 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 11 Jan 2025 20:18:22 GMT
GET H2	200	web-widget-chat-sdk-1bfc6fa.js Show response static.zdassets.com/web_widget/classic/latest/ Frame A11C	202 KB 51 KB	53ms 49ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:36 GMT x-amz-version-id TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 0X24BSPSV39D8D28 age 3457062 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 1eGND/GjxrlQxia9pWdTTwHT8UuCrrKDdbJzZuma1/VkfAY1PcOzD5FH1w1FjTJn2c8rVgJg5Po= last-modified Tue, 05 Dec 2023 00:24:10 GMT server cloudflare etag W/"b8284a4b45e40625c2b90a641ebe4a68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wwD4LUJlpTNmAZ6ZMZCAm6G%2BLwjl1qH%2B4eO1OrPZ7GBKRh9IglwfhrPdYJpHUzbSNDdxFjPVOM5FKu7DRGfjLopBtZBj%2FiBY5qhil%2FqH3jiB4%2F3vLmMw%2F%2Fvv%2FPjrBeTrSCg9GM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8452a9fc2b4f3987-YYZ expires Wed, 04 Dec 2024 00:24:09 GMT
GET H3	200	Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js Show response www.google.com/js/bg/ Frame 00B2	17 KB 7 KB	39ms 37ms	Script text/javascript	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software sffe / Resource Hash 071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 02:10:02 GMT content-encoding br x-content-type-options nosniff age 3395 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6850 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 13 Jan 2025 02:10:02 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 00B2	2 KB 2 KB	40ms 37ms	Image image/png	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 20:20:06 GMT x-content-type-options nosniff age 24391 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 20 Jan 2024 20:20:06 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 00B2	15 KB 15 KB	41ms 37ms	Font font/woff2	172.253.115.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f94.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 04:44:03 GMT x-content-type-options nosniff age 80554 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 04:44:03 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 00B2	15 KB 15 KB	41ms 39ms	Font font/woff2	172.253.115.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f94.1e100.net Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 04:46:57 GMT x-content-type-options nosniff age 80380 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 04:46:57 GMT
GET H3	200	Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js Show response www.google.com/js/bg/ Frame E891	17 KB 7 KB	40ms 39ms	Script text/javascript	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software sffe / Resource Hash 071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 02:10:02 GMT content-encoding br x-content-type-options nosniff age 3395 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6850 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 13 Jan 2025 02:10:02 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame E891	2 KB 2 KB	36ms 36ms	Image image/png	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 20:20:06 GMT x-content-type-options nosniff age 24391 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 20 Jan 2024 20:20:06 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame E891	15 KB 15 KB	49ms 48ms	Font font/woff2	172.253.115.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f94.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 04:44:03 GMT x-content-type-options nosniff age 80554 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 04:44:03 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame E891	15 KB 15 KB	39ms 39ms	Font font/woff2	172.253.115.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f94.1e100.net Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 04:46:57 GMT x-content-type-options nosniff age 80380 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 04:46:57 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 00B2	102 B 135 B	57ms 57ms	Other text/javascript	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software GSE / Resource Hash 55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=nqcs80fzu1h0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sun, 14 Jan 2024 03:06:37 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/318991084/	3 KB 2 KB	134ms 52ms	Script text/javascript	172.253.63.155
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/318991084/?random=1705201597289&cv=11&fst=1705201597289&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&ref=http%3A%2F%2Fww25.capialone.ca%2F&hn=www.googleadservices.com&frm=0&tiba=capialone.ca%20-%20Above.com%20Marketplace&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=78857517.1705201597&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-318991084 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 -, , ASN (), Reverse DNS Software cafe / Resource Hash 57d4731151c6bbd2fa8e528c8f19c2b1ff7f3f3664a5015c25213ff3f20539a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1270 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame E891	102 B 135 B	52ms 51ms	Other text/javascript	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software GSE / Resource Hash 55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=663gfvctxdno User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sun, 14 Jan 2024 03:06:37 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/318991084/	42 B 64 B	52ms 51ms	Image image/gif	142.251.16.104 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/318991084/?random=1705201597289&cv=11&fst=1705201200000&bg=ffffff&guid=ON&async=1&gtm=45be41a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&ref=http%3A%2F%2Fww25.capialone.ca%2F&frm=0&tiba=capialone.ca%20-%20Above.com%20Marketplace&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Qj0ibXWBkZ6jd-Dsn6q_hWrXDAfkMg&random=4026387564&rmt_tld=0&ipr=y Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f104.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:37 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ca/pagead/1p-user-list/318991084/	42 B 64 B	52ms 51ms	Image image/gif	172.253.63.94
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/318991084/?random=1705201597289&cv=11&fst=1705201200000&bg=ffffff&guid=ON&async=1&gtm=45be41a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&ref=http%3A%2F%2Fww25.capialone.ca%2F&frm=0&tiba=capialone.ca%20-%20Above.com%20Marketplace&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Qj0ibXWBkZ6jd-Dsn6q_hWrXDAfkMg&random=4026387564&rmt_tld=1&ipr=y Requested by Host: www.above.com URL: https://www.above.com/marketplace/capialone.ca Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.94 -, , ASN (), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:37 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	201ms 77ms	Image image/gif	104.19.154.83
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4088410345&v=1.1&a=4372769&r=http%3A%2F%2Fww25.capialone.ca%2F&pu=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&t=capialone.ca+-+Above.com+Marketplace&cts=1705201597604&vi=31cbbc78f41637b2d6a3f05c7d354991&nc=true&u=192322805.31cbbc78f41637b2d6a3f05c7d354991.1705201597587.1705201597587.1705201597587.1&b=192322805.1.1705201597588&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.154.83 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 8d2660c6-1367-4f8c-ab39-910a75a68c8d p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 13 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 8d2660c6-1367-4f8c-ab39-910a75a68c8d server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeSzjo4xsnUayISda%2BUTf1FG6ZHbC74q7Kuxm2Psew6%2FSNZOeDd7FKm8NSmDmpKxiBps7As%2BRrVLKaKDOdV6E9TwNRlWGbwTTmoKeyb5jLxUcJLgZVxwwWRX1myNa0jarewJ"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-865d96945d-4w8pv x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8452aa01eee8398a-YYZ x-robots-tag none
GET H2	200	web-widget-chat-incoming-message-notification-1bfc6fa.js Show response static.zdassets.com/web_widget/classic/latest/ Frame A11C	236 B 599 B	37ms 36ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 03:06:38 GMT x-amz-version-id vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id A4N17FH4T4Q3T2FA age 3457063 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 jj3IJP8SG1qYvE4k5/yGOQQcVY1t9fS2FwFAUdl7K5931Xd3flm5WF8IJiZ/yy12ah/e+h8TsYA= last-modified Tue, 05 Dec 2023 00:24:10 GMT server cloudflare etag W/"77bb07ca171e3ff2b72a7dafa7822bc8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNipFjhRgY3tzBG18yn%2B3xpVuyeajm5xWzV8FcGTdTHTsU9Hi8IUYAaqgOmVsClFi8ToNLxPkcf3aT6Twr9l6jwLgk9pWt6tvBuv4IOmv8U7Kc8aMyT4T71ZbaK%2FqNXcJXoQiu0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8452aa053cac3987-YYZ expires Wed, 04 Dec 2024 00:24:09 GMT
GET H2	206	fda6cd35495c75f83508d9d2e77ee33d.mp3 static.zdassets.com/web_widget/classic/latest/ Frame A11C	19 KB 20 KB	40ms 40ms	Media audio/mpeg	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Range bytes=0- Response headers date Sun, 14 Jan 2024 03:06:38 GMT x-amz-version-id 4bV_wFumuJbx5cco1BXg1VPt41lZHsX1 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id ZJZE7JMCCHH4D6TV age 3956987 x-amz-server-side-encryption AES256 Content-Range bytes 0-19697/19698 x-amz-replication-status COMPLETED Content-Length 19698 x-amz-id-2 eANrIaPqScX/HcTBuO9Ygxuy2PDIF5gMPbbtEnNP4r8awfJScAcJ08j4BwLBd4anl8viLy0rADU= last-modified Mon, 06 Nov 2023 00:49:00 GMT server cloudflare etag "f11ce9e8f40a392830217253fe75d6de" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqCUTiYZvH0TC5M308HYHvDQ6oAQ30s45yPWC5EJ82lcxV2KYgW3lRXtZgPxB5anGewfuICARQfwryIXt4LMHyMXPN3jq1I13vsatkw8cIxPbcSpnWlIuHwfiWGzEFZPN5rNBqo%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8452aa060e4d3987-YYZ expires Tue, 05 Nov 2024 00:48:59 GMT
POST H2	204	collect analytics.google.com/g/	0 54 B	44ms 44ms	Ping text/plain	142.251.163.101
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-DQB7CZVNQD&gtm=45je41a0v871550789&_p=1705201593377&gcd=11l1l1l1l1&dma=0&cid=557583635.1705201595&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705201594&sct=1&seg=0&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fcapialone.ca&dr=http%3A%2F%2Fww25.capialone.ca%2F&dt=capialone.ca%20-%20Above.com%20Marketplace&en=scroll&epn.percent_scrolled=90&_et=13&tfd=7109 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DQB7CZVNQD&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.101 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.above.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 03:06:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.above.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ww25.capialone.ca

URL

http://ww25.capialone.ca/_tr