urlscan.io logo urlscan.io
SecurityTrails logo

ceo.ca Open in urlscan Pro
34.198.199.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ceo.ca/
Effective URL: https://ceo.ca/
Submission: On August 29 via manual from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 1 countries across 11 domains to perform 101 HTTP transactions. The main IP is 34.198.199.205, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ceo.ca. The Cisco Umbrella rank of the primary domain is 319483.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on October 19th 2022. Valid for: a year.
This is the only time ceo.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 34.198.199.205 14618 (AMAZON-AES)
4 172.217.13.138 15169 (GOOGLE)
10 172.217.13.162 15169 (GOOGLE)
1 3.160.22.74 16509 (AMAZON-02)
7 172.217.13.208 15169 (GOOGLE)
11 3.5.20.10 14618 (AMAZON-AES)
1 5 172.217.13.196 15169 (GOOGLE)
5 172.217.13.163 15169 (GOOGLE)
1 11 172.217.13.98 15169 (GOOGLE)
2 172.217.13.142 15169 (GOOGLE)
7 142.251.40.195 15169 (GOOGLE)
1 172.217.13.130 15169 (GOOGLE)
1 142.251.111.154 15169 (GOOGLE)
13 172.217.165.129 15169 (GOOGLE)
101 15
25    34.198.199.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-199-205.compute-1.amazonaws.com
ceo.ca
4    172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net
fonts.googleapis.com
10    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
pagead2.googlesyndication.com
1    3.160.22.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-74.cmh68.r.cloudfront.net
services.brid.tv
7    172.217.13.208 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f16.1e100.net
storage.googleapis.com
11    3.5.20.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
cdn-ceo-ca.s3.amazonaws.com
5    172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net
www.google.com
5    172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
fonts.gstatic.com
11    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
www.googleadservices.com
2    172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net
www.google-analytics.com
7    142.251.40.195 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net
www.gstatic.com
1    172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
partner.googleadservices.com
1    142.251.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
stats.g.doubleclick.net
13    172.217.165.129 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f1.1e100.net
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
25 ceo.ca
ceo.ca — Cisco Umbrella Rank: 319483
873 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
375 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
552 KB
11 amazonaws.com
cdn-ceo-ca.s3.amazonaws.com — Cisco Umbrella Rank: 826216
1 MB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
storage.googleapis.com — Cisco Umbrella Rank: 409
1 MB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
88 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
32 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120
www.googleadservices.com — Cisco Umbrella Rank: 150
599 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
113 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
1 brid.tv
services.brid.tv — Cisco Umbrella Rank: 18302
90 KB
101 11
Domain Requested by
25 ceo.ca 1 redirects ceo.ca
13 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 cdn-ceo-ca.s3.amazonaws.com ceo.ca
10 pagead2.googlesyndication.com ceo.ca
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
7 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 storage.googleapis.com ceo.ca
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
5 www.google.com 1 redirects ceo.ca
www.gstatic.com
www.google.com
tpc.googlesyndication.com
4 fonts.googleapis.com ceo.ca
googleads.g.doubleclick.net
2 www.googleadservices.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.google-analytics.com ceo.ca
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 services.brid.tv ceo.ca
101 16
Subject Issuer Validity Valid
*.ceo.ca
AlphaSSL CA - SHA256 - G2		 2022-10-19 -
2023-11-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
brid.tv
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-18		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://ceo.ca/
Frame ID: 63720B9701B7A640CA052AE5718A57A2
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: 952399D0C4079A18941635F4EFA705B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2712644852530366&output=html&adk=1812271804&adf=3025194257&lmt=1693345441&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fceo.ca%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693320241124&bpp=6&bdt=865&idt=266&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1631617778034&frm=20&pv=2&ga_vid=1680572614.1693320241&ga_sid=1693320241&ga_hid=1706977073&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077370%2C31077442%2C44800951%2C31077451%2C44796634&oid=2&pvsid=3452089959206090&tmod=1048650868&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: A438F8F66CAA6B7EA3CD6BB74A333536
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
Frame ID: 795A636D422486985A2176A0D045CA21
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7DB0574DF40E8D781EBFA22636126BD1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: 23ADE0DF1FE11687FBC92A9861C20075
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 762539EFE0A68E2311258AD02F7110D0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D656763859B404AE3E5075EF847AA41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19CC4E466DC4F9EFDF9AA68AF64B0E20
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9FA5AB421F8C65A562A7E2C6A4AA0EDC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 16C7FF92051C07179DB9AD1987D785E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: BE644CA3C792873D3682282F4A709A60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CEO.CA | Mobile Investment Conference

Page URL History Show full URLs

  1. http://ceo.ca/ HTTP 301
    https://ceo.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

101
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

15
IPs

1
Countries

4614 kB
Transfer

7727 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ceo.ca/ HTTP 301
    https://ceo.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 93
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CPJB_MQTuZPPFHrTS0_wPhYq9uAj6h4fLcsTosNjaEJiS-IezAhABILiDj3Vg_eiigfADoAHv3ebrAsgBAqgDAcgDyQSqBLwBT9DnczMs9YYzkN4CO_v0e4BSrZ204193ECQw1idU_iR04TYxZpRRlN8yTBrruVQLsdrkuGulHDw1LcUncOj-nXJt-LGg9A_vVK0Bbt183ltmZUh_vTrd-AGF7-UutJsZ4XDeWiy6kVWXtS8TLUllWP-D7l43_f3Kr24jRY_fKsUQxbfl1J1zWwZ8_f8gB7i4-h_WHCr4hP3Zi8DU8YRHRb1WEhY1TQCFhovSzNjTU_LeJDR2ShndNoXzrbHABJCA9oKpBIgFyJOVm0mSBQQIBBgBkgUECAUYBKAGAoAH-aGZlAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCyhi3SCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJN2h0dHBzOi8vd3d3Lmhhc2hpY29ycC5jb20vc29sdXRpb25zL3plcm8tdHJ1c3Qtc2VjdXJpdHmACgHICwHaDBEKCxDAreHWxbW6prwBEgIBA9gTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNzEyNjQ0ODUyNTMwMzY2GAA&sigh=nXsF2M1-YVs&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWwPtkFRJW67ICGmm2I74No9MbUK8IyhgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbe9c6ff0b3c643b00000000000000000%22,%222%22:%220x50895d10a9b9fc930000000000000000%22,%223%22:%220x9b4b082298b6a4d0000000000000000%22,%224%22:%220x3b8be83b45b0a250000000000000000%22,%225%22:%220x55d7bf88ad779c570000000000000000%22},%22debug_key%22:%228100584070292208984%22,%22debug_reporting%22:true,%22destination%22:%22https://hashicorp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22762949359%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211768399638045362705%22}&andc=true

101 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ceo.ca/
Redirect Chain
  • http://ceo.ca/
  • https://ceo.ca/
455 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
a3f0c00f07071144162e6ba5c8ae0316824defcf50cccb626b8d0eeb71779216

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Aug 2023 14:44:00 GMT
ETag
W/"71aad-9o4HdxMDkwRCFVu/WadPuMTXBwc"
Referrer-Policy
origin
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express
X-RateLimit-Limit
80
X-RateLimit-Remaining
79
X-RateLimit-Reset
1693320265
X-Upstream
172.31.20.138:8071

Redirect headers

Connection
keep-alive
Content-Length
194
Content-Type
text/html
Date
Tue, 29 Aug 2023 14:43:59 GMT
Location
https://ceo.ca/
Server
nginx/1.14.0 (Ubuntu)
css
fonts.googleapis.com/ 		1 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Mono
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
d33abcba27460192a5d9e0c72f361ac0126660e083a2f40779718c4d051fff25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Aug 2023 14:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 13:09:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Aug 2023 14:44:00 GMT
css
fonts.googleapis.com/ 		3 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
458bb3a60559f5c11cce4ce12b4a829f5f25a3b43531d2ee7a43565ccede7f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Aug 2023 14:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 14:30:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Aug 2023 14:44:00 GMT
teaorbit.css
ceo.ca/public/styles/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/styles/teaorbit.css?v=432-27
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
cea47933a808a3e4c0551f44824dd044c844bc050774f9dcf7aeebb856b61eea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 20 Aug 2023 05:18:21 GMT
X-Powered-By
Express
ETag
W/"26803-18a1161433c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
icons.css
ceo.ca/public/styles/ 		18 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/styles/icons.css?v=432-27
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
b0ba38e91d858368b95f1d8ff8a3fbed4f76eaf9dfe728569b0d8376e96ce4fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Mar 2022 03:00:34 GMT
X-Powered-By
Express
ETag
W/"4775-17f90ab85d2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
image-insert-plugin.css
ceo.ca/public/styles/medium-editor/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/styles/medium-editor/image-insert-plugin.css
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6549bf05034f4bb4790ef4b398c87f7dc6a4bdc564afe5766c04e69fa3fb7148

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"1dad-16e024100a1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
589915e6140e7267e5999cc5d33c9c4281013f73eae00575af71674731b116b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50934
x-xss-protection
0
server
cafe
etag
2196918476550065283
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 14:44:00 GMT
brid.min.js
services.brid.tv/player/build/ 		332 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.brid.tv/player/build/brid.min.js
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-74.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9810fbef372b839703cb3e6f50d8cfb733ed8edcd195911c66a577cef3e20747

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:40:19 GMT
content-encoding
gzip
via
1.1 0f7233a4bc44891a3c037bc61237e614.cloudfront.net (CloudFront)
last-modified
Thu, 03 Aug 2023 14:04:52 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P3
age
222
x-amz-server-side-encryption
AES256
etag
W/"299c89aa2bf00e601a64ee02db56500f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LEAu_JiDBWZxz6-Osv3IIK-sefJULQBUV5PoNuEStMPcNIWjtosKmw==
ceo.ca.png
ceo.ca/public//assets/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public//assets/ceo.ca.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f941a866daf376220c3227b79b97397f396f4cf82a7ed6a638013d5d23e7e78d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"1fc2-16e02410089"
Content-Type
image/png
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8130
sound_cyan_egret
storage.googleapis.com/ceo-assistive-repo_production_assets/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ceo-assistive-repo_production_assets/sound_cyan_egret
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.208 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash
60e634149163b81eafe8c2d6d6b76f5d52258aae4d35f10bbdb8edd76f396aba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:59:09 GMT
age
2691
x-guploader-uploadid
ADPycdub3lWyFhj6h2hp8O0reqG0JUo7FObobfDvgFTuRhs_OrNUa5XyEt94XYmU4u_GMAKDvCo0oDnAoUN5UBr3Vt1kag
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 17 Aug 2023 15:48:12 GMT
server
UploadServer
vary
Origin,Accept-Encoding
x-goog-generation
1692287292883923
x-goog-hash
crc32c=MXuLfA==, md5=4YKM4SdjqB13ai3h5twHQA==
content-type
image/gif
cache-control
public, max-age=3600
x-goog-stored-content-length
101252
accept-ranges
none
expires
Tue, 29 Aug 2023 14:59:09 GMT
ceopro.png
ceo.ca/public/assets/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public/assets/ceopro.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
46b9ef0353062d7574fddd4192bc6863588b594b3f5a52be17bc154b2b1929b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"743a-16e02410089"
Content-Type
image/png
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29754
50off.png
ceo.ca/public/assets/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public/assets/50off.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
18b8420e316a1fc0e6aefbb822b9ed8afc6e8d50a832c6c013dac1fc601d40b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Last-Modified
Wed, 30 Nov 2022 22:07:59 GMT
X-Powered-By
Express
ETag
W/"2e1ac-184ca9516c6"
Content-Type
image/png
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
188844
1ierv6f-Untitled%20design%20%2815%29-420-280-thumb.png
cdn-ceo-ca.s3.amazonaws.com/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/1ierv6f-Untitled%20design%20%2815%29-420-280-thumb.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e33364319cecdae7060a1d02b22639ff3ffc6463314d9e561359cc81cee22b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Tue, 29 Aug 2023 14:12:32 GMT
Server
AmazonS3
x-amz-request-id
9D357FZ52P6P3B4Y
ETag
"61f3f0a39861963c3962abf042754bf7"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17744
x-amz-id-2
c1MVXuPJR2yF7miyN+QE2JhwWtQOCEs18l51O7PB5tYBmxljK9hrMINol8Th68ILVMFhGKzJP6V6Wd970GhxZg==
SAG.png
cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/SAG.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
377b9d1ff5b084d3e268b549251047af9098e8f082ceda49cd1b4e8726835b8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Tue, 26 Jul 2022 21:52:15 GMT
Server
AmazonS3
x-amz-request-id
9D3A6CQAQA05K74W
ETag
"17cae5655fb40c693c98913f5e24c433"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
31496
x-amz-id-2
k/jI12vJyJLJdjCqHI96bbTJ+VsQlbd+KjFenQ9wtdaubLHPUpPf0KxDnoRu96Gpa247CPQuwymFGCMChfeZ+Q==
ORM.png
cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/ 		531 KB
531 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/ORM.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1897d90eca2b3caf779701d3f5a540aa432ca26e41616aaca1ca37bdebbcfc90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Tue, 26 Jul 2022 22:04:33 GMT
Server
AmazonS3
x-amz-request-id
9D35C42Q8JAHMAKH
ETag
"86a31f857d8cea2845812a9a1811c038"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
543344
x-amz-id-2
zhgKW02DSd8ZXy7/LgSosUwbKQPDuxqD8zA995yBxrUc0AX1hVXZgKRhwYy1vKm+rZpw3guF77eQqsVQcrgQ1g==
FIND.png
cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/FIND.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
25296dd3ec04d56bf0a2bee9909c3c7726c20af1c3485dd2fbc723da8d0b778e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Tue, 26 Jul 2022 21:59:01 GMT
Server
AmazonS3
x-amz-request-id
9D3C909C906HTNJ9
ETag
"7b7acf562edd9c70ae6a68225cef79e9"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
29072
x-amz-id-2
th5QFw2R0yV5QWL89a5a5C4kAO1TAldlf3IXid4LxwWa60essGStghIzeeWUtgs5eE0SYD57SvqqJpQ8tSFiXQ==
1ieev23-NatGas%2520Weekly%25208-120-80-thumb.24.2023.png
cdn-ceo-ca.s3.amazonaws.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/1ieev23-NatGas%2520Weekly%25208-120-80-thumb.24.2023.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee50c60d931555c67db6e6cbfd4b52307f268812283ecef8c2a11bd8b13d3b7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Thu, 24 Aug 2023 17:56:40 GMT
Server
AmazonS3
x-amz-request-id
9D3AQMR3KBZPPG03
ETag
"b1eb3e82f002ff1f614437bac29f4a93"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10562
x-amz-id-2
dWVu9dU32nuqzslPu3wMjrcLtqq5yIZOu+dsKU6uBIJEcIbJDXj1WAy6SkOnT/Ff7EwzaqTnQeowTCCrINoBQw==
PUMA.png
cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/company_logos/Logos/TSXV/PUMA.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d0cd65a93ac5cce19aea242bf648116d45baa7bdf80f9653f215d7f5c6d9e264

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Tue, 26 Jul 2022 21:50:32 GMT
Server
AmazonS3
x-amz-request-id
9D37ACMG0K2QY5MM
ETag
"278b8014188a2eba1a0294cb07ff715b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
43485
x-amz-id-2
Q9XvLovuBmAjGft67xvTagRGDLyA8zWyoaUbbRbUcmlE3ydUlh8Sa2gU96Jge+UTcnKLY9c9B2aN4cFn3cgOVA==
1ieq25v-Screen%2520Shot%25202023-08-28%2520at%25204-120-80-thumb.50.28%2520PM.png
cdn-ceo-ca.s3.amazonaws.com/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/1ieq25v-Screen%2520Shot%25202023-08-28%2520at%25204-120-80-thumb.50.28%2520PM.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d4e909a6259c8a8fe1c9f9a0bb7e886039a2d5051f16605d47891d2bfd03879

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Mon, 28 Aug 2023 21:05:59 GMT
Server
AmazonS3
x-amz-request-id
9D3FDZV3NQAVNVG7
ETag
"e934ddaf51de037e1b4316c2e019804c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
15694
x-amz-id-2
jN11jgi2erY7SK0BMEETzryYkzGOzoGH307vrz5z5EIKsqfqVEMYcvTqIdyodrQPYaLxiVgHbi8QYHF0FcI7bQ==
1iepjub-David%20Hay-420-280-thumb.png
cdn-ceo-ca.s3.amazonaws.com/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/1iepjub-David%20Hay-420-280-thumb.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ddfbfae9791e219a22f84d93f7a10f7faedc977a2562e4cc3f2507b21380df4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Mon, 28 Aug 2023 16:48:12 GMT
Server
AmazonS3
x-amz-request-id
9D35V5W4JDQ3G9PG
ETag
"ae4e53b0db2d7230d05a4cd9afc78f15"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
158996
x-amz-id-2
jsaNxAc/pBzMMm0jNLRqaOF0ZzHAxbBt9i+In3xU4PCaHK1Ssh0fZOCANQlNmJUhbnw7125e/T9iZyLxL9UgcA==
1iehksu-Ian%2520harris-120-80-thumb.jpg
cdn-ceo-ca.s3.amazonaws.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/1iehksu-Ian%2520harris-120-80-thumb.jpg
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8e95029211159e9230acb32895d02f0e22e61f7f99b732c47575011bd7f306c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Mon, 28 Aug 2023 16:44:38 GMT
Server
AmazonS3
x-amz-request-id
9D30RV1B2KA5QEX6
ETag
"55f7839341c510bb9704375747f8c93b"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2889
x-amz-id-2
vYCGlNOhZyFhhnhnePUcb+pNOSlxwNywfOlUsxXwoFQoyHXjNvMulFlIFPCYfkQD0KeaVEi7EV7qQa4QYpg4Sw==
1iepcau-DALL%C2%B7E%202023-08-28%2010-420-280-thumb.36.11%20-%20Lithium%20mining%20Australia.png
cdn-ceo-ca.s3.amazonaws.com/ 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/1iepcau-DALL%C2%B7E%202023-08-28%2010-420-280-thumb.36.11%20-%20Lithium%20mining%20Australia.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cfd50fd536461e499db81c3592109623ea49c990e31e1e8d834b7ffbb0cc0e64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Mon, 28 Aug 2023 14:38:23 GMT
Server
AmazonS3
x-amz-request-id
9D36M47PV2HXKZZH
ETag
"e15c52d9caf4561ff40392cff32f5c46"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
216023
x-amz-id-2
RRg98g5CJphtt411bgnvTgeCvGRoWUO5CGJBzTzCX9DGHDmvE/ir5yQJW8K9GeVnssrFdJAkZcJRzFa5PUchMw==
1ieo00f-HAR-LOGO-420-280-thumb.JPG
cdn-ceo-ca.s3.amazonaws.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ceo-ca.s3.amazonaws.com/1ieo00f-HAR-LOGO-420-280-thumb.JPG
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.20.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c7fa6121ab341a6362d5c8a2c56ed35ef0077e1db0a55e1e9c16e6ac8adf1aa3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Mon, 28 Aug 2023 02:01:53 GMT
Server
AmazonS3
x-amz-request-id
9D31D3MZ45V2CW7P
ETag
"810ddc2983a86c805f8b1092a14f6fb8"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
19980
x-amz-id-2
QUDvHZ/Rvyb52idUHTt6gbcv5b9E2MKuxg2R8Ogwv1cAplqKMTnAsNAFt7gvZpPKl8xArr5yIr5RBqThsxdG7Q==
icon-bnw.png
ceo.ca/public/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public/assets/icon-bnw.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
96cf5574f7b47b00b1c1eae9fae49cc23baf3d389fbb4f4c56bf27ffcd6da09e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"cf0-16e02410089"
Content-Type
image/png
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3312
chairmans_briefing.png
ceo.ca/public/assets/ 		336 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public/assets/chairmans_briefing.png
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
b641681c90fc3b34eb3d70c7d0841e0f33864c0df24e53904ddcb51912357abe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Last-Modified
Wed, 23 Feb 2022 09:50:37 GMT
X-Powered-By
Express
ETag
W/"54128-17f25fd62b9"
Content-Type
image/png
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
344360
thorough_scarlet_skink
storage.googleapis.com/ceo-assistive-repo_production_assets/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ceo-assistive-repo_production_assets/thorough_scarlet_skink
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.208 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash
97bf2a4e99b2e2b441f828f83d330e93eab80b58818a973a1219a5024656972c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:44:16 GMT
age
3584
x-guploader-uploadid
ADPycdvPlgGWxC6XRzGB0tvBN9ZBrvz-zDd1P0HO5sv3VQLWglqKOFMZmB2LpWdhN9A_xM6p0nhddXHHHV7kuU30U-dItw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 17 Aug 2023 15:48:36 GMT
server
UploadServer
vary
Origin,Accept-Encoding
x-goog-generation
1692287316338731
x-goog-hash
crc32c=JSLLrQ==, md5=stbdV92K0uCZdKNIYe8O/A==
content-type
image/gif
cache-control
public, max-age=3600
x-goog-stored-content-length
189151
accept-ranges
none
expires
Tue, 29 Aug 2023 14:44:16 GMT
appstore.svg
ceo.ca/public/assets/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public/assets/appstore.svg?v=432
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e2da7897fc4fdc4bc537b162ce30b828425055b13fd8bb511dbfa0704f220269

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"32cd-16e02410089"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
googleplay.svg
ceo.ca/public/assets/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public/assets/googleplay.svg?v=432
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
73a93970a0a6500042ce3128f8cc41773d8c4c613688e7d39a3f1631e6a7a032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"3b7a-16e02410089"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
faithful_green_cuckoo
storage.googleapis.com/ceo-assistive-repo_production_assets/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ceo-assistive-repo_production_assets/faithful_green_cuckoo
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.208 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash
136a4c6a84b30710fc39a27c678736d3d617213d343cb228713fc3acfff07a26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:00:59 GMT
age
2581
x-guploader-uploadid
ADPycdun6pkUO_3WmF02NXxSajleta33Z_mdhkO3BWfRG0-XT678x7uJmgVgv7S32PEQWJyNvAYQDYSUM70JWBW_QP83Xw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 24 Aug 2023 13:47:02 GMT
server
UploadServer
vary
Origin,Accept-Encoding
x-goog-generation
1692884822696370
x-goog-hash
crc32c=ULFvow==, md5=Iy8nWOKDJC1mLTbwKZJgiw==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
234677
accept-ranges
none
expires
Tue, 29 Aug 2023 15:00:59 GMT
considerable_ivory_sailfish
storage.googleapis.com/ceo-assistive-repo_production_assets/ 		323 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ceo-assistive-repo_production_assets/considerable_ivory_sailfish
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.208 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash
557ce989720e156eb1a426bcfe1712117254ea2afebf2a220b98be76e4d7e959

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:00 GMT
x-guploader-uploadid
ADPycdt3jU9z_Kr0nIkMtiEVkFWGSoXuauDTaoWXHxeQgkf4TrRjQV-bMmp4nwNiw19Zpm2FQd0nCZB1xyTCbTRyOihLvQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 22 Jun 2023 20:02:23 GMT
server
UploadServer
vary
Origin, Accept-Encoding
x-goog-generation
1687464143055609
content-type
image/jpeg
x-goog-hash
crc32c=PEgzNQ==, md5=6jpEyfqPhGfodtgApM0UEw==
cache-control
public, max-age=3600
x-goog-stored-content-length
330043
accept-ranges
none
expires
Tue, 29 Aug 2023 15:44:00 GMT
weary_white_dingo
storage.googleapis.com/ceo-assistive-repo_production_assets/ 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ceo-assistive-repo_production_assets/weary_white_dingo
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.208 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash
13187dbc54be7ea607823da6b41b7c241a857c977a2481d2d7e39a1e9dfa372c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:38:39 GMT
age
321
x-guploader-uploadid
ADPycdsRa5FXEmUxHowAvebkUXkXmDfE_VPd28eJHW-lo40wAqwxu0_gRuZNawrkjCSzWRpV0bInjyuBPgw8elRTo-Tgdg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Wed, 09 Aug 2023 15:45:05 GMT
server
UploadServer
vary
Origin,Accept-Encoding
x-goog-generation
1691595905740156
x-goog-hash
crc32c=8LhLiQ==, md5=qy9xTmuiow5z2R6h/IfNEA==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
262133
accept-ranges
none
expires
Tue, 29 Aug 2023 15:38:39 GMT
left_black_constrictor
storage.googleapis.com/ceo-assistive-repo_production_assets/ 		231 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ceo-assistive-repo_production_assets/left_black_constrictor
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.208 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash
f16075340f2e962ea1f77333967e99463976260b8bfd2f3b7bc00b5a1b4724ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:03:23 GMT
age
2437
x-guploader-uploadid
ADPycdsVYqkCSuCpLOCaEkhQq46XGvBZTjgbOQt6wJ9_B40qnRHDXQdZpV2aroTpR4KPOrKA-WFoQhKCfglkgSvDgv_Z_A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 24 Aug 2023 13:53:18 GMT
server
UploadServer
vary
Origin,Accept-Encoding
x-goog-generation
1692885198859937
x-goog-hash
crc32c=U4yIYA==, md5=K2ET84xMGTpkci94R50ccw==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
235167
accept-ranges
none
expires
Tue, 29 Aug 2023 15:03:23 GMT
microtemplates.js
ceo.ca/public/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/js/microtemplates.js?v=432-27
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
d349ef0c43d6f15bf6df832a8c91f7e7a10a392b4bf4035f7af1480663866fa5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"e1f-16e0241009d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
common.js
ceo.ca/public/js/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/js/common.js?v=432-27
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
506a66ea486c0e2340255b1256ae313b54454104f52f7c24df3f09cdc4e46c88

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 May 2023 18:00:48 GMT
X-Powered-By
Express
ETag
W/"ad94-18849c550a6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
purring_gold_pheasant
storage.googleapis.com/ceo-assistive-repo_production_assets/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ceo-assistive-repo_production_assets/purring_gold_pheasant
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.208 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash
51c572ca483ac925ffc74b4818d4f8549fec7f2fd7c95b2196ed5ceac7c53931

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:40:03 GMT
age
237
x-guploader-uploadid
ADPycduL6p-rOIIZc23BFCSWm4QHgSFio9Ap1IAqYxpeUdySGXcT1vNaK9fHHu_rje6I928DZjuDGTuPwDfSYvObJIuIVQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Wed, 24 May 2023 13:25:39 GMT
server
UploadServer
vary
Origin,Accept-Encoding
x-goog-generation
1684934739844482
x-goog-hash
crc32c=SR/ORw==, md5=tOHL/CKKZFS/ZPX7E4P10w==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
59408
accept-ranges
none
expires
Tue, 29 Aug 2023 15:40:03 GMT
reload.svg
ceo.ca/public/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ceo.ca/public/assets/reload.svg
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3fa6ec46e80fca5647cad699ada1d792456b5938585f93d2162c29f07957d5c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"4a6-16e0241008d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
mini.js
ceo.ca/public/js/ 		688 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/js/mini.js?v=432-27
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
d1fc9e15065b4ec12fc3078778fbf2067f2d34e5937c6d986425bf4d7aa25966

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 20 Aug 2023 05:23:26 GMT
X-Powered-By
Express
ETag
W/"abfc2-18a1165ea49"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
user.js
ceo.ca/public/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/js/user.js?v=432-27
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4c5054528f59efbb9c1ea0868cadfdc404fc4e513c5c6705822d6c82986dd11a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 14:44:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Nov 2022 03:37:16 GMT
X-Powered-By
Express
ETag
W/"1481-184acdc65ee"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Upstream
172.31.20.138:8071
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
f5626d72af7f0c38e32d9a4d7f60848b471690cfa1b8f248d785673e0f2d5a63
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
861
x-xss-protection
1; mode=block
expires
Tue, 29 Aug 2023 14:44:00 GMT
c852f7d8-9f50-4f6e-80e3-f2d6d49495bc
https://ceo.ca/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ceo.ca/c852f7d8-9f50-4f6e-80e3-f2d6d49495bc
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
211ec829a0e7715b5b7dee8b200babe4a703911965357b5e1928e0be888a0610

Request headers

Referer
Origin
https://ceo.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ceo.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:35:57 GMT
x-content-type-options
nosniff
age
443283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Aug 2024 11:35:57 GMT
9oRONYoBnWILk-9AnC8zMw.woff2
fonts.gstatic.com/s/ptmono/v13/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptmono/v13/9oRONYoBnWILk-9AnC8zMw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Mono
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
9b7edbdb69b25016ed337468fe8af411f6a48c1b9153de1402b3db00bff71424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ceo.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 20:38:01 GMT
x-content-type-options
nosniff
age
497159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27396
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:32:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Aug 2024 20:38:01 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ceo.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 13:30:16 GMT
x-content-type-options
nosniff
age
263624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 13:30:16 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 		387 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
38b32815878dfc0a7a89f7280694e55a46f840a86425396e925af4a8a866d84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134143
x-xss-protection
0
server
cafe
etag
16620951753060824878
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 14:44:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame 9523 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ceo.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:36:57 GMT
etag
9878862242593084568
expires
Tue, 12 Sep 2023 14:36:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 13:33:53 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4208
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 29 Aug 2023 15:33:53 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		451 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.195 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ceo.ca/
Origin
https://ceo.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 23:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185062
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Aug 2024 23:18:28 GMT
banner_impression
ceo.ca/api/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/api/banner_impression?banner=603
Requested by
Host: ceo.ca
URL: https://ceo.ca/public/js/mini.js?v=432-27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*/*
Referer
https://ceo.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 14:44:01 GMT
X-Powered-By
Express
Surrogate-Control
no-store
Vary
Accept-Encoding
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
application/json; charset=utf-8
X-Upstream
172.31.20.138:8071
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
banner_impression
ceo.ca/api/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/api/banner_impression?banner=610
Requested by
Host: ceo.ca
URL: https://ceo.ca/public/js/mini.js?v=432-27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*/*
Referer
https://ceo.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 14:44:01 GMT
X-Powered-By
Express
Surrogate-Control
no-store
Vary
Accept-Encoding
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
application/json; charset=utf-8
X-Upstream
172.31.20.138:8071
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
banner_impression
ceo.ca/api/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/api/banner_impression?banner=565
Requested by
Host: ceo.ca
URL: https://ceo.ca/public/js/mini.js?v=432-27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*/*
Referer
https://ceo.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 14:44:01 GMT
X-Powered-By
Express
Surrogate-Control
no-store
Vary
Accept-Encoding
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
application/json; charset=utf-8
X-Upstream
172.31.20.138:8071
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
banner_impression
ceo.ca/api/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/api/banner_impression?banner=594
Requested by
Host: ceo.ca
URL: https://ceo.ca/public/js/mini.js?v=432-27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*/*
Referer
https://ceo.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 14:44:01 GMT
X-Powered-By
Express
Surrogate-Control
no-store
Vary
Accept-Encoding
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
application/json; charset=utf-8
X-Upstream
172.31.20.138:8071
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
banner_impression
ceo.ca/api/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/api/banner_impression?banner=613
Requested by
Host: ceo.ca
URL: https://ceo.ca/public/js/mini.js?v=432-27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*/*
Referer
https://ceo.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 14:44:01 GMT
X-Powered-By
Express
Surrogate-Control
no-store
Vary
Accept-Encoding
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
application/json; charset=utf-8
X-Upstream
172.31.20.138:8071
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
banner_impression
ceo.ca/api/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/api/banner_impression?banner=517
Requested by
Host: ceo.ca
URL: https://ceo.ca/public/js/mini.js?v=432-27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*/*
Referer
https://ceo.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 14:44:01 GMT
X-Powered-By
Express
Surrogate-Control
no-store
Vary
Accept-Encoding
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
application/json; charset=utf-8
X-Upstream
172.31.20.138:8071
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
banner
ceo.ca/api/ 		222 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/api/banner?channel=
Requested by
Host: ceo.ca
URL: https://ceo.ca/public/js/mini.js?v=432-27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
45d573cf7b3e265b2c25c5cd93d8f289bfe4395c75225c6b09dc853112cc95f1

Request headers

Accept
*/*
Referer
https://ceo.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 14:44:01 GMT
X-Powered-By
Express
Surrogate-Control
no-store
Vary
Accept-Encoding
ETag
W/"de-69kp0eaj+FJs46u1daNPNXFhkog"
Content-Type
application/json; charset=utf-8
X-Upstream
172.31.20.138:8071
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
222
Expires
0
notification.ogg
ceo.ca/public/ 		5 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://ceo.ca/public/notification.ogg
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.198.199.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-199-205.compute-1.amazonaws.com
Software
/ Express
Resource Hash
02a22db9eee09a5f70efa1d48a444ed1a283b2641479a373284a7df6930c3647

Request headers

Referer
https://ceo.ca/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 29 Aug 2023 14:44:01 GMT
Last-Modified
Fri, 25 Oct 2019 09:30:44 GMT
X-Powered-By
Express
ETag
W/"1501-16e024100a1"
Content-Type
audio/ogg
X-Upstream
172.31.20.138:8071
Content-Range
bytes 0-5376/5377
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5377
collect
www.google-analytics.com/j/ 		4 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1706977073&t=pageview&_s=1&dl=https%3A%2F%2Fceo.ca%2F&ul=en-us&de=UTF-8&dt=CEO.CA%20%7C%20Mobile%20Investment%20Conference&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1887718202&gjid=532664853&cid=1680572614.1693320241&tid=UA-61253585-1&_gid=412534803.1693320241&_r=1&_slc=1&z=89434156
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ceo.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 14:44:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ceo.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ceo.ca&callback=_gfp_s_&client=ca-pub-2712644852530366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d627a5eaddf290439384dda3cb23fd8bdb9e78adbfcb69f736abae2b378bc856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A438 		297 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2712644852530366&output=html&adk=1812271804&adf=3025194257&lmt=1693345441&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fceo.ca%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693320241124&bpp=6&bdt=865&idt=266&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1631617778034&frm=20&pv=2&ga_vid=1680572614.1693320241&ga_sid=1693320241&ga_hid=1706977073&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077370%2C31077442%2C44800951%2C31077451%2C44796634&oid=2&pvsid=3452089959206090&tmod=1048650868&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
47184080cbffb2af586922e6a7fc7c4b0096d7bc6b812dab4721d2b4511b88d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ceo.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
75484
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:44:02 GMT
expires
Tue, 29 Aug 2023 14:44:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 795A 		54 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
fa8ed0f0ef6d86ecbbee5c1bf75bb60a384bd5d2b6c646f46fbbce2d058752e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iUz0ItGvhtETVx-IY7wKBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ceo.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
30547
content-security-policy
script-src 'report-sample' 'nonce-iUz0ItGvhtETVx-IY7wKBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:44:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		1 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61253585-1&cid=1680572614.1693320241&jid=1887718202&gjid=532664853&_gid=412534803.1693320241&_u=IEBAAEAAAAAAACAAI~&z=2060075819
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ceo.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 29 Aug 2023 14:44:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ceo.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 795A 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 20:28:08 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 795A 		451 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 23:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185062
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Aug 2024 23:18:28 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 795A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 23:30:57 GMT
x-content-type-options
nosniff
age
400384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 31 Aug 2023 23:30:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 795A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:11:34 GMT
x-content-type-options
nosniff
age
257547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 15:11:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 795A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 16:17:15 GMT
x-content-type-options
nosniff
age
253606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 16:17:15 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 795A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNnIiAAAAAFZ9hIiypODwbOkrD8bE9DyVOoNZ&co=aHR0cHM6Ly9jZW8uY2E6NDQz&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=lsy6okfp22qy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 29 Aug 2023 14:44:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
cf84c21ef836e411333b5d13ea338f0c6c6c45b404264600c497e34f3cb5f937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/reactive_library_fy2021.js?bust=31077451
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
037f517f109a930e486d45f77c5923fd80283706247957e2cd1ed01ec0914566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53637
x-xss-protection
0
server
cafe
etag
2309180658335117547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 14:44:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 14:44:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame 7DB0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ceo.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:36:24 GMT
etag
9878862242593084568
expires
Tue, 12 Sep 2023 14:36:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame 23AD 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_fy2021.js?bust=31077451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ceo.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:36:24 GMT
etag
9878862242593084568
expires
Tue, 12 Sep 2023 14:36:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 7DB0 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Aug 2023 14:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 14:06:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Aug 2023 14:44:02 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7DB0 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:18:55 GMT
x-content-type-options
nosniff
age
476707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 23 Aug 2024 02:18:55 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7DB0 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 18:26:02 GMT
x-content-type-options
nosniff
age
505080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 22 Aug 2024 18:26:02 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 7DB0 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8570
x-xss-protection
0
server
cafe
etag
11167480076894372452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:58:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 23AD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:06 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7625 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:21:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 23AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 23AD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:06 GMT
13497537428130039644
tpc.googlesyndication.com/simgad/ Frame 23AD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13497537428130039644?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmdinEQb3N6lwRr7-nYggZ2w0DFFg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
sffe /
Resource Hash
b30664d4f49414d8ddf821142e2cc20b2442108892c0957c391125d5274af9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 07:30:14 GMT
x-content-type-options
nosniff
age
544428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14986
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 21:48:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Aug 2024 07:30:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 23AD 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 14:44:02 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 23AD 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
a1cda6441d6032222b35f93ae5f3bddff8eab851e5e8622049ef96f0b53bb01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
2977
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14423
x-xss-protection
0
server
cafe
etag
4855010618112703997
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D65 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ceo.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
23677
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 08:09:26 GMT
expires
Wed, 28 Aug 2024 08:09:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 19CC 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
bb74372a2eff823a0f65dcacda9933b9078fe11757b258e30fdce66d3d021f5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vqg4c5Rnw90cX_NeBCXP9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ceo.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-Vqg4c5Rnw90cX_NeBCXP9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:44:03 GMT
expires
Tue, 29 Aug 2023 14:44:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame 9FA5 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Aug 2023 14:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 12:56:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Aug 2023 14:44:03 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 9FA5 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 9FA5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 9FA5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 9FA5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:54:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FA5 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 14:44:03 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 9FA5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 00:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:54:07 GMT
truncated
/ Frame 23AD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2966e8ba0ef8fae28b1f1d1fd97b2e6486a96b698a8c98ef7c0710d5e3eb3af0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7625
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:44:03 GMT
expires
Tue, 29 Aug 2023 14:44:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 14:44:03 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 23AD
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CPJB_MQTuZPPFHrTS0_wPhYq9uAj6h4fLcsTosNjaEJiS-IezAhABILiDj3Vg_eiigfADoAHv3ebrAsgBAqgDAcgDyQSqBLwBT9DnczMs9YYzkN4CO_v0e4BSrZ204193ECQw1idU_iR04TY...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbe9c6ff0b3c643b00000000000000000%22,%222%22:%220x50895d10a9b9fc930000000000000000%22,%223%22:%220x9b4b08...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbe9c6ff0b3c643b00000000000000000%22,%222%22:%220x50895d10a9b9fc930000000000000000%22,%223%22:%220x9b4b082298b6a4d0000000000000000%22,%224%22:%220x3b8be83b45b0a250000000000000000%22,%225%22:%220x55d7bf88ad779c570000000000000000%22},%22debug_key%22:%228100584070292208984%22,%22debug_reporting%22:true,%22destination%22:%22https://hashicorp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22762949359%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211768399638045362705%22}&andc=true
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:03 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xbe9c6ff0b3c643b00000000000000000","2":"0x50895d10a9b9fc930000000000000000","3":"0x9b4b082298b6a4d0000000000000000","4":"0x3b8be83b45b0a250000000000000000","5":"0x55d7bf88ad779c570000000000000000"},"debug_key":"8100584070292208984","debug_reporting":true,"destination":"https://hashicorp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["762949359"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"11768399638045362705"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 29 Aug 2023 14:44:03 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Aug 2023 14:44:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xbe9c6ff0b3c643b00000000000000000","2":"0x50895d10a9b9fc930000000000000000","3":"0x9b4b082298b6a4d0000000000000000","4":"0x3b8be83b45b0a250000000000000000","5":"0x55d7bf88ad779c570000000000000000"},"debug_key":"8100584070292208984","debug_reporting":true,"destination":"https://hashicorp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["762949359"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"11768399638045362705"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 19CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=3452089959206090&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbe9c6ff0b3c643b00000000000000000%22,%222%22:%220x50895d10a9b9fc930000000000000000%22,%223%22:%220x9b4b082298b6a4d0000000000000000%22,%224%22:%220x3b8be83b45b0a250000000000000000%22,%225%22:%220x55d7bf88ad779c570000000000000000%22},%22debug_key%22:%228100584070292208984%22,%22debug_reporting%22:true,%22destination%22:%22https://hashicorp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22762949359%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211768399638045362705%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 29 Aug 2023 14:44:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
pagead2.googlesyndication.com/bg/ Frame 16C7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
519855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14710
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 14:19:48 GMT
PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
pagead2.googlesyndication.com/bg/ Frame 0D65 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
519855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14710
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 14:19:48 GMT
PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
pagead2.googlesyndication.com/bg/ Frame BE64 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Requested by
Host: ceo.ca
URL: https://ceo.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
519855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14710
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 14:19:48 GMT
generate_204
tpc.googlesyndication.com/ Frame 0D65 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CXMxdg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:44:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=3452089959206090&bg=!EBOlE1zNAAYkVgHwBFY7ADQBe5WfOETMmZvryMm3kJagJwlpfn9GqxBUlU-t6SJtYYvCxh3ETDgwpvQAvcsaUhRINpo4AgAAAOtSAAAAC2gBB5kCocXkGVKxh-mDdV_u3on_v99bTBA0ZnKaoAglDT6Bm3fgQeQk4BoXnPYI0ftOm0tqo6OF6EOWy4HO42cG0BvjdhNZiu3A-kv3KI6_5Sg0xG_JFSj5lS8pfD-DrOVi_8a12hQB3cr4K9JLiog0drXT-B2_e7an9bfTIoe6Pzd70aX1EqU80FoUFa9SUMhoqgx4A3SPkSCGJQAJrgunBE1149SpVMz4bG_oSKVFUVv6EfBhhppDXrksa4caGryU2y9l1Cs6hVL0Ksg55qBKd4CFtlGQePqYfzZoqY1HaG2dQksHPFKjsqhk2Qk5YLbKt91RMwWS1mEavRw_CDoYPJPvHp7xIYvdcr2pffBQdR5FNsEFYOI-j-Jazb4m7wjffucDXtrRzwQMdwTQKm8poiqZ1I12j9Q64yF3gTz-pQtDyrH56_1A5SClFEa6R1TppV7n55TF7jk2vFa0agN9byPjFQ8iB8gJz7jg1Xs3a0GioWiVuGHPGHLaLr5IP_LOuXuGPoFKQgZwX0VsouRbDb4JI6cqafi1zs0_B7Vmu-cbA9wiXbkusZl4SnPpwFfoQYIqo67EG23tD4xDE1Lj1vI_ESAR25MaASKbCS0_OVy_dsMgjZbxkqaftiYtOPzdXexXWGPPvEpuaMG3Pp3QdEbPtqBMd8yvMZuNe6awrjnbEM_Yif62uGHGolNQnIfv7FeLPKANEJO9bM_egbsX3ORy38omznU5wsO9PwnaozeBg064oSpmbv7Xow1ngze20M16nxqyjbNJx5mYZyX8IHKXXc5giN8OCMANB70-J4AY0hjOvmXdtbCMcaybeWVcXCBWNgAxIfBhpynJNaCPnjvScqiBpzeiriZbRr5CBXNvSSL-Uyg7K_GTtVLdSS31NNeMXyg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ceo.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 23AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS_b-Jt3Mln_ymnzfOm9D348m1_tNAKIcVAB9Ax3sHPfcbIpTuw0pPvjUgLEf9fmxZtSfhIgvxPv8M1uAZxIR_Vl5yC-S2CkA-EQhwTg0K4KZ5CMaQCo2a_tvawZqlbI0pVND3rLJvjA&sai=AMfl-YT_2fQI6P138O0RIEX918p7R7bxZIQyuVbQcMih2kW83xOEI94YOM1jD4EmXG_wWJjyKrVc8oglgooQ&sig=Cg0ArKJSzMsvM2fsy2DiEAE&cid=CAQSGwBpAlJWwPtkFRJW67ICGmm2I74No9MbUK8IyhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=198,751,1000,1104,1104&tos=198,553,249,104,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693320242844&rpt=340&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 14:44:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| adsbygoogle function| $bp function| Brid object| _bp object| googletag function| microtemplates object| common function| pluralize function| Timer function| getErrorObject function| checkIfPhoto function| checkIfVideo object| handle string| spiel_template boolean| logged_in string| current_channel object| role string| hostname boolean| admin function| render_spiel object| chat_inner number| post_height object| chat_elem number| version object| initial_spiels object| custom_ads string| spiel_html function| linkify function| DTO object| dto object| mod_actions function| escapeHtml function| unescapeHtml function| preloadImage function| htmlspecialchars function| htmlspecialchars_decode function| htmlentities function| htmlentities_decode function| getCaret function| uuid function| pixel_distance function| is_touch_device function| Events function| Sidebar function| fileUploader function| UrlHistory function| UI function| Post function| Home function| Nav function| Modal function| CreateChannel function| Create_RSS function| Autocomplete function| Networking function| drawingCanvas function| Search function| Notifications function| Scroll function| KeyScroll function| Moderator function| BanModal function| Profile function| Profiles function| Layout function| Discover function| ChannelArticles function| OnlineList function| StockSearch function| Article function| Articles function| ArticleEditor function| Wiki function| setCanvasSize function| Canvas function| StockChart function| StockChartData function| StockChartGraph function| MarketDepthGraph function| ProManager function| Settings function| Impressions function| ChannelDetails function| SMS_Verify function| $ function| jQuery object| html5 object| Modernizr function| yepnope function| io function| diff_match_patch number| DIFF_DELETE number| DIFF_INSERT number| DIFF_EQUAL object| visible_modal boolean| user_is_currently_active object| jQuery1112027526424150481277 function| Invitation function| HousePositions function| ShortPositions function| NewSedi object| templs object| templ string| id string| content object| templates function| Template function| CustomTemplate object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter boolean| prod boolean| pro boolean| has_tried_pro object| allowed_exchanges string| static_url object| networking object| ui undefined| since boolean| user_verified object| spiel_id object| quote number| last_spiel_date object| latitude object| longitude object| gps_accuracy number| spiels_per_request object| messages_to_send_on_reconnect boolean| user_logged_in undefined| latest_spiel_id boolean| dragging object| mousedown_coordinates object| features boolean| darkmode string| view_mode function| render_login_modal boolean| forgot string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| fallback_recaptcha function| send_recaptcha string| google_user_agent_client_hint object| first_spiels object| stock_info object| post object| events object| wiki_exists object| wiki string| title object| layout object| online_list object| nav object| url_history object| sidebar object| discover object| channel_articles object| channel_details object| home object| moderator object| file_uploader object| notifications object| search object| profile object| profiles object| articles object| article object| banmodal object| impressions object| gaplugins object| gaGlobal object| gaData function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| recaptcha object| closure_lm_507580 object| google_llp object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.ceo.ca/ Name: _ga
Value: GA1.2.1680572614.1693320241
.ceo.ca/ Name: _gid
Value: GA1.2.412534803.1693320241
.ceo.ca/ Name: _gat
Value: 1
.ceo.ca/ Name: __gads
Value: ID=409c96b2053522c7-229cb9cbb7e300a0:T=1693320241:RT=1693320241:S=ALNI_MYG8r0rSCLym3Q43MhBe1E5auTY1g
.ceo.ca/ Name: __gpi
Value: UID=00000d8e91aa8f34:T=1693320241:RT=1693320241:S=ALNI_MaiSDBqJQ92sPlXDOK_84JxEAaNOQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUm--jPJ5T1z-VKSkr7Ado0vVnr1pihwsG1FsLfjDJQWrqOz7ja1N2Yb5DnOJt0
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ceo-ca.s3.amazonaws.com
ceo.ca
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
services.brid.tv
stats.g.doubleclick.net
storage.googleapis.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.251.111.154
142.251.40.195
172.217.13.130
172.217.13.138
172.217.13.142
172.217.13.162
172.217.13.163
172.217.13.196
172.217.13.208
172.217.13.98
172.217.165.129
3.160.22.74
3.5.20.10
34.198.199.205
02a22db9eee09a5f70efa1d48a444ed1a283b2641479a373284a7df6930c3647
037f517f109a930e486d45f77c5923fd80283706247957e2cd1ed01ec0914566
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
13187dbc54be7ea607823da6b41b7c241a857c977a2481d2d7e39a1e9dfa372c
136a4c6a84b30710fc39a27c678736d3d617213d343cb228713fc3acfff07a26
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1897d90eca2b3caf779701d3f5a540aa432ca26e41616aaca1ca37bdebbcfc90
18b8420e316a1fc0e6aefbb822b9ed8afc6e8d50a832c6c013dac1fc601d40b7
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
211ec829a0e7715b5b7dee8b200babe4a703911965357b5e1928e0be888a0610
25296dd3ec04d56bf0a2bee9909c3c7726c20af1c3485dd2fbc723da8d0b778e
2966e8ba0ef8fae28b1f1d1fd97b2e6486a96b698a8c98ef7c0710d5e3eb3af0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
377b9d1ff5b084d3e268b549251047af9098e8f082ceda49cd1b4e8726835b8f
38b32815878dfc0a7a89f7280694e55a46f840a86425396e925af4a8a866d84d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
3fa6ec46e80fca5647cad699ada1d792456b5938585f93d2162c29f07957d5c7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
458bb3a60559f5c11cce4ce12b4a829f5f25a3b43531d2ee7a43565ccede7f18
45d573cf7b3e265b2c25c5cd93d8f289bfe4395c75225c6b09dc853112cc95f1
46b9ef0353062d7574fddd4192bc6863588b594b3f5a52be17bc154b2b1929b8
47184080cbffb2af586922e6a7fc7c4b0096d7bc6b812dab4721d2b4511b88d9
4c5054528f59efbb9c1ea0868cadfdc404fc4e513c5c6705822d6c82986dd11a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4e909a6259c8a8fe1c9f9a0bb7e886039a2d5051f16605d47891d2bfd03879
506a66ea486c0e2340255b1256ae313b54454104f52f7c24df3f09cdc4e46c88
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
51c572ca483ac925ffc74b4818d4f8549fec7f2fd7c95b2196ed5ceac7c53931
557ce989720e156eb1a426bcfe1712117254ea2afebf2a220b98be76e4d7e959
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
589915e6140e7267e5999cc5d33c9c4281013f73eae00575af71674731b116b4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e33364319cecdae7060a1d02b22639ff3ffc6463314d9e561359cc81cee22b8
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60e634149163b81eafe8c2d6d6b76f5d52258aae4d35f10bbdb8edd76f396aba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6549bf05034f4bb4790ef4b398c87f7dc6a4bdc564afe5766c04e69fa3fb7148
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
73a93970a0a6500042ce3128f8cc41773d8c4c613688e7d39a3f1631e6a7a032
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8e95029211159e9230acb32895d02f0e22e61f7f99b732c47575011bd7f306c4
96cf5574f7b47b00b1c1eae9fae49cc23baf3d389fbb4f4c56bf27ffcd6da09e
97bf2a4e99b2e2b441f828f83d330e93eab80b58818a973a1219a5024656972c
9810fbef372b839703cb3e6f50d8cfb733ed8edcd195911c66a577cef3e20747
9b7edbdb69b25016ed337468fe8af411f6a48c1b9153de1402b3db00bff71424
a1cda6441d6032222b35f93ae5f3bddff8eab851e5e8622049ef96f0b53bb01b
a3f0c00f07071144162e6ba5c8ae0316824defcf50cccb626b8d0eeb71779216
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b0ba38e91d858368b95f1d8ff8a3fbed4f76eaf9dfe728569b0d8376e96ce4fa
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b30664d4f49414d8ddf821142e2cc20b2442108892c0957c391125d5274af9c1
b641681c90fc3b34eb3d70c7d0841e0f33864c0df24e53904ddcb51912357abe
bb74372a2eff823a0f65dcacda9933b9078fe11757b258e30fdce66d3d021f5d
c7fa6121ab341a6362d5c8a2c56ed35ef0077e1db0a55e1e9c16e6ac8adf1aa3
cea47933a808a3e4c0551f44824dd044c844bc050774f9dcf7aeebb856b61eea
cf84c21ef836e411333b5d13ea338f0c6c6c45b404264600c497e34f3cb5f937
cfd50fd536461e499db81c3592109623ea49c990e31e1e8d834b7ffbb0cc0e64
d0cd65a93ac5cce19aea242bf648116d45baa7bdf80f9653f215d7f5c6d9e264
d1fc9e15065b4ec12fc3078778fbf2067f2d34e5937c6d986425bf4d7aa25966
d33abcba27460192a5d9e0c72f361ac0126660e083a2f40779718c4d051fff25
d349ef0c43d6f15bf6df832a8c91f7e7a10a392b4bf4035f7af1480663866fa5
d627a5eaddf290439384dda3cb23fd8bdb9e78adbfcb69f736abae2b378bc856
ddfbfae9791e219a22f84d93f7a10f7faedc977a2562e4cc3f2507b21380df4d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2da7897fc4fdc4bc537b162ce30b828425055b13fd8bb511dbfa0704f220269
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee50c60d931555c67db6e6cbfd4b52307f268812283ecef8c2a11bd8b13d3b7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16075340f2e962ea1f77333967e99463976260b8bfd2f3b7bc00b5a1b4724ec
f5626d72af7f0c38e32d9a4d7f60848b471690cfa1b8f248d785673e0f2d5a63
f941a866daf376220c3227b79b97397f396f4cf82a7ed6a638013d5d23e7e78d
fa8ed0f0ef6d86ecbbee5c1bf75bb60a384bd5d2b6c646f46fbbce2d058752e0