crowsnestnl.ca Open in urlscan Pro
65.181.122.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://crowsnestnl.ca/fileshare/home/
Submission: On April 26 via api (April 26th 2022, 5:56:14 pm UTC) from US — Scanned from CA

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 41 HTTP transactions. The main IP is 65.181.122.32, located in United States and belongs to FORTRESSITX, US. The main domain is crowsnestnl.ca.

This is the only time crowsnestnl.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 16	65.181.122.32 65.181.122.32	25653 (FORTRESSITX) (FORTRESSITX)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	93.125.99.62 93.125.99.62	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	93.125.99.66 93.125.99.66	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:486a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
41	12

16 65.181.122.32 (United States) 4 redirects

ASN25653 (FORTRESSITX, US)
PTR: new.erfiedesign.com

crowsnestnl.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.125.99.62 (Belarus) 1 redirects

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: vh81.hosterby.com

awesome-bootstrap-checkbox.okendoken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.125.99.66 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: vh84.hosterby.com

start.hoster.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:486a (United States)

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	crowsnestnl.ca 4 redirects crowsnestnl.ca	69 KB
9	google.com docs.google.com — Cisco Umbrella Rank: 125 apis.google.com — Cisco Umbrella Rank: 98	567 KB
5	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3042 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 640	102 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1630	1 KB
3	gstatic.com www.gstatic.com ssl.gstatic.com	473 KB
2	elfsight.com apps.elfsight.com — Cisco Umbrella Rank: 16116 static.elfsight.com — Cisco Umbrella Rank: 16131	91 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	27 KB
1	hoster.by start.hoster.by — Cisco Umbrella Rank: 922556
1	okendoken.com 1 redirects awesome-bootstrap-checkbox.okendoken.com	84 B
41	9

	Domain	Requested by
16	crowsnestnl.ca	4 redirects crowsnestnl.ca
5	docs.google.com	static.elfsight.com docs.google.com www.gstatic.com
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
4	maxcdn.bootstrapcdn.com	crowsnestnl.ca maxcdn.bootstrapcdn.com
3	content.googleapis.com	apis.google.com
2	www.gstatic.com	docs.google.com
1	ssl.gstatic.com	www.gstatic.com
1	static.elfsight.com	crowsnestnl.ca
1	apps.elfsight.com	crowsnestnl.ca
1	cdnjs.cloudflare.com	crowsnestnl.ca
1	start.hoster.by	crowsnestnl.ca
1	awesome-bootstrap-checkbox.okendoken.com	1 redirects
1	netdna.bootstrapcdn.com	crowsnestnl.ca
41	13

This site contains links to these domains. Also see Links.

Domain
elfsight.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://crowsnestnl.ca/fileshare/home/
Frame ID: F460E01C65BA23BB3B5A526480FAB0AA
Requests: 20 HTTP requests in this frame

Frame: http://crowsnestnl.ca/fileshare/home/cmd/examples.html
Frame ID: 41A087C9EB655A1BA2427A4768F69E46
Requests: 7 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true
Frame ID: 25A2519AFA086E39FED724198F6EF00C
Requests: 11 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.iTmf4rxOyWc.O%2Fd%3D1%2Frs%3DAHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw%2Fm%3D__features__
Frame ID: 031FD3340DCF5F9AB4EEA5D33B2E911E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

You received an important file!

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

56 %
HTTPS

75 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

1324 kB
Transfer

3534 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://elfsight.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://awesome-bootstrap-checkbox.okendoken.com/demo/build.css HTTP 302
http://start.hoster.by/

Request Chain 11

http://crowsnestnl.ca/fileshare/home/cmd/main.js.t%C3%A9l%C3%A9chargement HTTP 301
https://crowsnestnl.ca/fileshare/home/cmd/main.js.t%C3%A9l%C3%A9chargement

Request Chain 12

http://crowsnestnl.ca/fileshare/home/cmd/wp-embed.min.js.t%C3%A9l%C3%A9chargement HTTP 301
https://crowsnestnl.ca/fileshare/home/cmd/wp-embed.min.js.t%C3%A9l%C3%A9chargement

Request Chain 14

http://crowsnestnl.ca/fileshare/home/cmd/iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement HTTP 301
https://crowsnestnl.ca/fileshare/home/cmd/iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement

Request Chain 15

http://crowsnestnl.ca/fileshare/home/cmd/pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement HTTP 301
https://crowsnestnl.ca/fileshare/home/cmd/pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement

Request Chain 18

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff HTTP 301
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff

Request Chain 19

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff HTTP 301
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff

Request Chain 40

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf HTTP 301
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf

Request Chain 41

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf HTTP 301
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf

41 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
crowsnestnl.ca/fileshare/home/ 11 KB
3 KB 195ms
176ms Document
text/html 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: 8d11723527faac90ffdf39e31f57ee1623799d286cb329ee6971685201075839

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3118
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Apr 2022 17:55:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/3.2.0/css/ 21 KB
5 KB 58ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome.min.css

Requested by

Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb102718687334c9562f1048617e79c04e1a0f281aafafa919b597e4cdb0178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 286100
cdn-cachedat: 2021-03-10 13:27:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:51 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 64e115b171938cecc5d16d81553a48ba
cf-ray: 702130ff18374bbe-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200
OK style.css
crowsnestnl.ca/fileshare/home/ 4 KB
1 KB 20ms
19ms Stylesheet
text/css 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: http://crowsnestnl.ca/fileshare/home/style.css
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: 34e9641c2e2d60c47339d7552cc03f693bc844b365e060b035948b3fc88eeed2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/fileshare/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:55:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 01:47:48 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 930

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
19 KB 45ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718
age: 286332
cdn-cachedat: 2021-03-10 13:26:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0bf33586010f1a79e3f4f11c2502f299
cdn-requestcountrycode: US
cf-ray: 702130ff1ca74bd7-YUL
cdn-cache: HIT
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 46ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 16684882
cdn-cachedat: 2021-04-13 02:36:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 357c5298f2849c0ce9712c57ec240f4e
cf-ray: 702130ff1ca84bd7-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1

404
Not Found

/
start.hoster.by/
Redirect Chain

https://awesome-bootstrap-checkbox.okendoken.com/demo/build.css
http://start.hoster.by/

0
0

270ms
135ms

Stylesheet
text/html

93.125.99.66
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: http://start.hoster.by/
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 93.125.99.66 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: vh84.hosterby.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

location: http://start.hoster.by
date: Tue, 26 Apr 2022 17:55:48 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK stylee.css
crowsnestnl.ca/fileshare/home/ 3 KB
1 KB 76ms
57ms Stylesheet
text/css 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: http://crowsnestnl.ca/fileshare/home/stylee.css
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: 779679715ff397ddfb3ea70f9ebea7c1c8fe919a8f2f1293cba5eeb4f9b7f1d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/fileshare/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:55:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 01:47:48 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 841

GET
H/1.1 200
OK style.min.css
crowsnestnl.ca/fileshare/home/cmd/ 57 KB
9 KB 2157ms
2138ms Stylesheet
text/css 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: http://crowsnestnl.ca/fileshare/home/cmd/style.min.css
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/fileshare/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:55:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 01:47:48 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8685

GET
H/1.1 200
OK logo.svg
crowsnestnl.ca/fileshare/home/cmd/ 3 KB
2 KB 1122ms
1103ms Image
image/svg+xml 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://crowsnestnl.ca/fileshare/home/cmd/logo.svg
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: a9f9ee904de94a247078be01a367a0efc67ac87b82887864808dcf64d70f621f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/fileshare/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:55:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 01:47:48 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1581

GET
H/1.1 200
OK main.css
crowsnestnl.ca/fileshare/home/cmd/ 191 KB
28 KB 47ms
28ms Stylesheet
text/css 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: http://crowsnestnl.ca/fileshare/home/cmd/main.css
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: f2f8c97b0b5d175e9e8359d149e755b18829f86484996c395b40c2976b3d8561

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/fileshare/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:55:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 01:47:48 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 28031

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 47ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1110376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26660
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVUsH6UmBDWvognrmlAOS5jKrsanYCE9zWZwrqx6MOQfJhgLszMucDAu2MizoRPt7Ohuy%2FCFYLo2An4c5aM7AMiI8QxlqjgWp46Ewiy39%2FERcvgLKjICYLw3gPFQG4qpOPtAUMfyM5tooY00atyVZveS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 702130ff1affca4f-YUL
expires: Sun, 16 Apr 2023 17:55:47 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 51ms
28ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 16690231
cdn-cachedat: 2021-06-08 14:34:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 77e06b41254584aa6a31fb9729f3c70b
cf-ray: 702130ff1caa4bd7-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1

403
Forbidden

main.js.t%C3%A9l%C3%A9chargement
crowsnestnl.ca/fileshare/home/cmd/
Redirect Chain

http://crowsnestnl.ca/fileshare/home/cmd/main.js.t%C3%A9l%C3%A9chargement
https://crowsnestnl.ca/fileshare/home/cmd/main.js.t%C3%A9l%C3%A9chargement

0
0

10173ms
10134ms

Script
text/html

65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: https://crowsnestnl.ca/fileshare/home/cmd/main.js.t%C3%A9l%C3%A9chargement
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:55:49 GMT
Server: Apache
X-Redirect-By: WordPress
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: https://crowsnestnl.ca/fileshare/home/cmd/main.js.t%C3%A9l%C3%A9chargement
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

403
Forbidden

wp-embed.min.js.t%C3%A9l%C3%A9chargement
crowsnestnl.ca/fileshare/home/cmd/
Redirect Chain

http://crowsnestnl.ca/fileshare/home/cmd/wp-embed.min.js.t%C3%A9l%C3%A9chargement
https://crowsnestnl.ca/fileshare/home/cmd/wp-embed.min.js.t%C3%A9l%C3%A9chargement

0
0

10380ms
10338ms

Script
text/html

65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: https://crowsnestnl.ca/fileshare/home/cmd/wp-embed.min.js.t%C3%A9l%C3%A9chargement
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:55:47 GMT
Server: Apache
X-Redirect-By: WordPress
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: https://crowsnestnl.ca/fileshare/home/cmd/wp-embed.min.js.t%C3%A9l%C3%A9chargement
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK examples.html Show response
crowsnestnl.ca/fileshare/home/cmd/ Frame 41A0 22 KB
3 KB 1107ms
1091ms Document
text/html 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: http://crowsnestnl.ca/fileshare/home/cmd/examples.html
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: 7ede1243c6d6bd86870e84bf9fb85a930465e92609a3ef1192dc81037bc9bedb

Request headers

Referer: http://crowsnestnl.ca/fileshare/home/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3071
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Apr 2022 17:55:48 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1

403
Forbidden

iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement
crowsnestnl.ca/fileshare/home/cmd/ Frame 41A0
Redirect Chain

http://crowsnestnl.ca/fileshare/home/cmd/iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement
https://crowsnestnl.ca/fileshare/home/cmd/iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement

0
0

10624ms
10584ms

Script
text/html

65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: https://crowsnestnl.ca/fileshare/home/cmd/iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/cmd/examples.html
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:55:48 GMT
Server: Apache
X-Redirect-By: WordPress
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: https://crowsnestnl.ca/fileshare/home/cmd/iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

403
Forbidden

pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement
crowsnestnl.ca/fileshare/home/cmd/ Frame 41A0
Redirect Chain

http://crowsnestnl.ca/fileshare/home/cmd/pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement
https://crowsnestnl.ca/fileshare/home/cmd/pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement

0
0

11053ms
11015ms

Script
text/html

65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: https://crowsnestnl.ca/fileshare/home/cmd/pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/cmd/examples.html
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:55:48 GMT
Server: Apache
X-Redirect-By: WordPress
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: https://crowsnestnl.ca/fileshare/home/cmd/pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK platform.js Show response
crowsnestnl.ca/fileshare/home/cmd/ Frame 41A0 46 KB
16 KB 21ms
20ms Script
application/javascript 65.181.122.32
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: http://crowsnestnl.ca/fileshare/home/cmd/platform.js
Requested by: Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/cmd/examples.html
Protocol: HTTP/1.1
Server: 65.181.122.32 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS: new.erfiedesign.com
Software: Apache /
Resource Hash: ae8d437de31b178387a7b0726b9a281592e13d7507054bdc74d9b0c09280be0e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/fileshare/home/cmd/examples.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:55:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 01:47:48 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 15659

GET
DATA 200
OK truncated
/ 296 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc8bd5066012f7fb381f9a6b83848860b5a7cd36f23249e5a2f1a29a589f616

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET

ProximaNova-Regular.woff
crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/
Redirect Chain

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff

0
0

GET

ProximaNova-Bold.woff
crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/
Redirect Chain

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff

0
0

GET
H3 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
65 KB 38ms
20ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin: http://crowsnestnl.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:55:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617
age: 2
cdn-proxyver: 1.0
cdn-cachedat: 10/15/2021 15:17:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "d95d6f5d5ab7cfefd09651800b69bd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0272bacc91e4e65fc9a3fe0b76e5ab91
cdn-requestcountrycode: US
accept-ranges: bytes
cf-ray: 7021310cab9dca4f-YUL
cdn-cache: HIT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
apps.elfsight.com/p/boot/ Frame 41A0 1 KB
2 KB 197ms
170ms XHR
application/json 2606:4700:20::ac43:486a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.elfsight.com/p/boot/?w=47ebe9f9-a917-42d7-993c-5ec2b9180623

Requested by

Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/cmd/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

487294ebbad4f86e9cbcc60c673f12395d8ed7e3853225770e4a902d64f9eeb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:56:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL1tNPlZ2JyeOlU9y28IzIxfi2WfGByBIE2RiidRnfWJpdpT9%2BDNw4BUOeDH9cNbLs5Xzh1hdc6dhWc3uktJWaY28NsA7heB9TkvEM8LOS3JkDTUzfa9IJ%2FbN0Zjds5LucTJ7gsDoCaSX%2B2AZG7f"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://crowsnestnl.ca
cache-control: no-cache, private
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 7021317b483aca4f-YUL
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H2 200 pdf-embed.js Show response
static.elfsight.com/apps/pdf-embed/release/9cd5023c-7955-436d-90da-c4349fddf2b4/app/ Frame 41A0 314 KB
90 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:486a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/pdf-embed/release/9cd5023c-7955-436d-90da-c4349fddf2b4/app/pdf-embed.js

Requested by

Host: crowsnestnl.ca
URL: http://crowsnestnl.ca/fileshare/home/cmd/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a983d0a483adda584bd2d0ec8a2d730bbc1c6fa8cdfe7076edea07d9012ea2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:56:07 GMT
content-encoding: br
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 375954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx000000000000008eec0d0-00626275a5-26d7450b-sfo2a
x-hw: 1650619811.dop205.tr2.t,1650619811.cds223.tr2.shn,1650619811.dop205.tr2.t,1650619813.cds203.tr2.pr
last-modified: Thu, 03 Feb 2022 12:26:23 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"3bdf96b9d353b912ec885c8d48b1dac3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OELbyAb5I00vaBWJSM9gnItrXcwAGuBIaw4J8Q%2BZ8kuY%2BXRzGnVxhmRK%2FkUJdLLxTC6DcRqFqd9gujueEmzw1T0l2cCaX4hWMiJYqWILaTVwih%2BlBoQi7qlQ21MscGarcl8R9qfHHB50COEPGMSdI7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-rgw-object-type: Normal
cf-ray: 7021317c596dca4f-YUL
cf-bgj: minify

GET
H2 200 gview Show response
docs.google.com/ Frame 25A2 9 KB
4 KB 157ms
110ms Document
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/pdf-embed/release/9cd5023c-7955-436d-90da-c4349fddf2b4/app/pdf-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0960c2f5a8cf92e302f341bf884062c947ea8c72b9d0e315a87c7eca4cf544ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cA0CHhBbFaUDB7NgHUiNcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://crowsnestnl.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cA0CHhBbFaUDB7NgHUiNcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Tue, 26 Apr 2022 17:56:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 41A0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09c6bdbc252355240537e7c5aa1ecf07104ffa7cc4227ee4953e05bd2e968696

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://crowsnestnl.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rs=AC2dHMJFYiGxjekZUj52ATpZolGv4KmXfQ
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.TPb7D1WgeHg.L.W.O/d=0/ Frame 25A2 175 KB
27 KB 69ms
20ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.TPb7D1WgeHg.L.W.O/d=0/rs=AC2dHMJFYiGxjekZUj52ATpZolGv4KmXfQ

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f64d973e988d8bdd3e0c578707872a7ad49e176c8c53a665763674fb8551a01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26760
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 14:24:36 GMT

GET
H3 200 thumb
docs.google.com/viewerng/ Frame 25A2 212 KB
212 KB 89ms
48ms Image
image/webp 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFwLvJbGXXwJmvksD_x_phaFt7wf4Mu2rWiQU4v0TveeqeOgej_qtrqzYFYGl8K6IIfE9uADz0b8hbrlyrT3aNEm3Dj294eeL7cxT3HvrTPTQ_PKmKfyuL9bLR2IfjPmi8zEVC1nhDkN-6Zf4ccxc-m-C94dyjl99GDT6oec2skste7jmIX4LWdJY0DwQ-aqWyiPjOuaNgcqF8eMMV00J5mdHodGWJjIdUTKW_wcmQ_Mjsdf9vOsCyjBG66c95cNxLhFdyd2esWw3elavySMWC63IZ6i3slCrlPZflZwAzMdDA7kck9KT79-upstgFg2J3trWrAo3CMSuH3kLjTedWNsjqZBK2anudNIwaYAyCEIh_vGpUY%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2eed620a1a5affa679f5bc1f3b22776708798a6f8c83219a7b246bea8f3ea1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XUthpzUkoERV/+/cJR9uMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:56:08 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/webp
cache-control: private, max-age=300
content-security-policy: script-src 'report-sample' 'nonce-XUthpzUkoERV/+/cJR9uMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Tue, 26 Apr 2022 17:56:08 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.K-4-Lg08-2Y.O/d=1/rs=AC2dHMJOsGrmCmXcXhOum8v1YOfvAWHPlA/ Frame 25A2 1 MB
399 KB 87ms
39ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.K-4-Lg08-2Y.O/d=1/rs=AC2dHMJOsGrmCmXcXhOum8v1YOfvAWHPlA/m=main

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a2819ad642376d18034dc49659fd0228f2d46152ee49bd9eabe2d712a61984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 14:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 408187
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:06:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 14:59:06 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 25A2 14 KB
6 KB 83ms
36ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74628425fbd76c97fb010cc081ac9c6abaf31caaa31888b1010374aece97b035

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5543
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Tue, 26 Apr 2022 17:56:08 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "f9bf0e3b4a5bc04f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 17:56:08 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/ Frame 25A2 313 KB
106 KB 62ms
19ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4bd1f136d7259e53f1eccfe0e43836ac193f110ea8fdb512c5e0f5ee9152e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108248
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 00:25:26 GMT

GET
H2 200 v-sprite43.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 25A2 106 KB
47 KB 70ms
21ms Image
image/svg+xml 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite43.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.TPb7D1WgeHg.L.W.O/d=0/rs=AC2dHMJFYiGxjekZUj52ATpZolGv4KmXfQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 19:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 598863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47363
x-xss-protection: 0
last-modified: Sat, 05 Mar 2022 00:28:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Wed, 19 Apr 2023 19:35:05 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 25A2 36 B
85 B 45ms
44ms XHR
application/json 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgBbaY3Pz0e4eLOPloJTrxgykl0lZpyke0Lm3NEs16bKPkjcZCpdXxlIaEoxyP4MotFvEbV-_gBuYzKXg8Mim5LkTKb2eMqExwfzLIPZx7ERkpoR3yl1Di1R2AjTcb-ECrsoc03vmk6AZHHP

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.K-4-Lg08-2Y.O/d=1/rs=AC2dHMJOsGrmCmXcXhOum8v1YOfvAWHPlA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b7c0fbe0bd60dd5fa1dbfad0ece7835c374e0dfeb56c5812e28872235cec2a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h+z/w2ET2BQEFL5JhoX7bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-h+z/w2ET2BQEFL5JhoX7bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 25A2 212 KB
212 KB 47ms
46ms XHR
image/webp 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgBbaY3Pz0e4eLOPloJTrxgykl0lZpyke0Lm3NEs16bKPkjcZCpdXxlIaEoxyP4MotFvEbV-_gBuYzKXg8Mim5LkTKb2eMqExwfzLIPZx7ERkpoR3yl1Di1R2AjTcb-ECrsoc03vmk6AZHHP&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.K-4-Lg08-2Y.O/d=1/rs=AC2dHMJOsGrmCmXcXhOum8v1YOfvAWHPlA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2eed620a1a5affa679f5bc1f3b22776708798a6f8c83219a7b246bea8f3ea1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9ByBRB7i7EuKBo4kPKEtbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:56:08 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/webp
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-9ByBRB7i7EuKBo4kPKEtbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 25A2 17 B
67 B 45ms
44ms XHR
application/json 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgBbaY3Pz0e4eLOPloJTrxgykl0lZpyke0Lm3NEs16bKPkjcZCpdXxlIaEoxyP4MotFvEbV-_gBuYzKXg8Mim5LkTKb2eMqExwfzLIPZx7ERkpoR3yl1Di1R2AjTcb-ECrsoc03vmk6AZHHP&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.K-4-Lg08-2Y.O/d=1/rs=AC2dHMJOsGrmCmXcXhOum8v1YOfvAWHPlA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbf8ff1993fd6703cbb50772040c928dbecc9d17b0992ba1a6d85952b893fdf7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-angYNFNePyD2wAUtwXrR2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-angYNFNePyD2wAUtwXrR2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 031F 382 B
1 KB 86ms
38ms Document
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.iTmf4rxOyWc.O%2Fd%3D1%2Frs%3DAHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe75960c0cba732acde7f89a73f63a5a363ba49447b0e07dc30f113fd9685b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-R8GDo-7KygHhoTNHlCMEyg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 273
content-security-policy: script-src 'nonce-R8GDo-7KygHhoTNHlCMEyg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 17:56:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 7db878ed-02b8-4212-9b3d-235f0f15b40e
https://docs.google.com/ Frame 25A2 212 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/7db878ed-02b8-4212-9b3d-235f0f15b40e
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://files.elfsight.com/storage/97833a88-d60b-42ec-ac2c-e597baf07559/3db96f95-2d27-48f3-91d2-449990d3cf1c/revenue.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2eed620a1a5affa679f5bc1f3b22776708798a6f8c83219a7b246bea8f3ea1d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Length: 216674
Content-Type: image/webp

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 031F 14 KB
5 KB 56ms
55ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.iTmf4rxOyWc.O%2Fd%3D1%2Frs%3DAHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b8c6029b12e97523cf697107ce0b45b6966a70c9f429dbe880813ce168f342d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Tue, 26 Apr 2022 17:56:08 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "04b1542db357638d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 17:56:08 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/ Frame 031F 66 KB
23 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d92da20061193a0fec908c5ea27a255360eee4feb35bef6d0295332b66a5a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 23:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23277
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 23:19:14 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 031F 0
19 B 188ms
147ms XHR
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.127%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.127%20Safari%2F537.36
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.iTmf4rxOyWc.O%2Fd%3D1%2Frs%3DAHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:56:08 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 031F 0
19 B 186ms
146ms XHR
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.127%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.127%20Safari%2F537.36
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.iTmf4rxOyWc.O%2Fd%3D1%2Frs%3DAHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:56:08 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

ProximaNova-Bold.ttf
crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/
Redirect Chain

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf

0
0

GET

ProximaNova-Regular.ttf
crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/
Redirect Chain

http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf
https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: crowsnestnl.ca
URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff

Domain: crowsnestnl.ca
URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff

Domain: crowsnestnl.ca
URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf

Domain: crowsnestnl.ca
URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
crowsnestnl.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: fe6e1948682cfd9bc9f185f195c1a151
crowsnestnl.ca/	1969-12-31 23:59:59	Name: apbct_site_landing_ts Value: 1650995751
crowsnestnl.ca/	1969-12-31 23:59:59	Name: apbct_prev_referer Value: http%3A%2F%2Fcrowsnestnl.ca%2Ffileshare%2Fhome%2Fcmd%2Fmain.css
.crowsnestnl.ca/	1970-01-20 02:40:54	Name: apbct_site_referer Value: http%3A%2F%2Fcrowsnestnl.ca%2Ffileshare%2Fhome%2Fcmd%2Fmain.css
.apps.elfsight.com/	1970-01-20 02:36:35	Name: _p_hfp_client_id Value: 4223364770
.google.com/	1970-01-20 07:00:06	Name: NID Value: 511=ahnUPWxJhCEVCCLb0Ro25KQ-bwLRXWO5YmG5UGIpfo-J0iZ-4HMLtmZvAfXK29y97kEuJV2RPFVEZ12UmQ4OSchrX_TCrafoUMKxVQDXyjn7xES0NI1WSACnT2tC_i-C4TCAnngBVvLuALgHUdxYyY1XqUdNnCDF0rvVgh2hUtY
crowsnestnl.ca/	1969-12-31 23:59:59	Name: apbct_timestamp Value: 1650995770
crowsnestnl.ca/	1969-12-31 23:59:59	Name: apbct_page_hits Value: 2
crowsnestnl.ca/	1969-12-31 23:59:59	Name: apbct_cookies_test Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522be8a488d9eefad656d4960cfeaa7d6c2%2522%257D
.crowsnestnl.ca/	1970-01-20 02:40:54	Name: apbct_urls Value: %7B%22crowsnestnl.ca%5C%2Fwp-content%5C%2Fthemes%5C%2Felfsight%5C%2Ffrontend%5C%2Fassets%5C%2Ffonts%5C%2FProximaNova-Regular.woff%22%3A%5B1650995751%5D%2C%22crowsnestnl.ca%5C%2Fwp-content%5C%2Fthemes%5C%2Felfsight%5C%2Ffrontend%5C%2Fassets%5C%2Ffonts%5C%2FProximaNova-Bold.ttf%22%3A%5B1650995770%5D%7D

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://start.hoster.by/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://crowsnestnl.ca/fileshare/home/cmd/wp-embed.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://crowsnestnl.ca/fileshare/home/cmd/iframeResizer.contentWindow.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://crowsnestnl.ca/fileshare/home/cmd/pdf-embed.js%20.t%C3%A9%20l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://crowsnestnl.ca/fileshare/home/cmd/main.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: http://crowsnestnl.ca/fileshare/home/ Message: Access to font at 'https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff' (redirected from 'http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff') from origin 'http://crowsnestnl.ca' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://crowsnestnl.ca/fileshare/home/ Message: Access to font at 'https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff' (redirected from 'http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff') from origin 'http://crowsnestnl.ca' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://crowsnestnl.ca/fileshare/home/ Message: Access to font at 'https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf' (redirected from 'http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf') from origin 'http://crowsnestnl.ca' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://crowsnestnl.ca/fileshare/home/ Message: Access to font at 'https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf' (redirected from 'http://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf') from origin 'http://crowsnestnl.ca' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://crowsnestnl.ca/wp-content/themes/elfsight/frontend/assets/fonts/ProximaNova-Bold.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
apps.elfsight.com
awesome-bootstrap-checkbox.okendoken.com
cdnjs.cloudflare.com
content.googleapis.com
crowsnestnl.ca
docs.google.com
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
ssl.gstatic.com
start.hoster.by
static.elfsight.com
www.gstatic.com
crowsnestnl.ca
2606:4700:20::ac43:486a
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700::6812:bcf
2607:f8b0:4006:80d::200e
2607:f8b0:4006:817::200e
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2003
65.181.122.32
93.125.99.62
93.125.99.66
0960c2f5a8cf92e302f341bf884062c947ea8c72b9d0e315a87c7eca4cf544ff
09c6bdbc252355240537e7c5aa1ecf07104ffa7cc4227ee4953e05bd2e968696
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2c4bd1f136d7259e53f1eccfe0e43836ac193f110ea8fdb512c5e0f5ee9152e9
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
34e9641c2e2d60c47339d7552cc03f693bc844b365e060b035948b3fc88eeed2
487294ebbad4f86e9cbcc60c673f12395d8ed7e3853225770e4a902d64f9eeb6
5d92da20061193a0fec908c5ea27a255360eee4feb35bef6d0295332b66a5a0c
74628425fbd76c97fb010cc081ac9c6abaf31caaa31888b1010374aece97b035
779679715ff397ddfb3ea70f9ebea7c1c8fe919a8f2f1293cba5eeb4f9b7f1d2
7b7c0fbe0bd60dd5fa1dbfad0ece7835c374e0dfeb56c5812e28872235cec2a5
7ede1243c6d6bd86870e84bf9fb85a930465e92609a3ef1192dc81037bc9bedb
8a983d0a483adda584bd2d0ec8a2d730bbc1c6fa8cdfe7076edea07d9012ea2f
8d11723527faac90ffdf39e31f57ee1623799d286cb329ee6971685201075839
9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b
9b8c6029b12e97523cf697107ce0b45b6966a70c9f429dbe880813ce168f342d
a2eed620a1a5affa679f5bc1f3b22776708798a6f8c83219a7b246bea8f3ea1d
a9f9ee904de94a247078be01a367a0efc67ac87b82887864808dcf64d70f621f
ae8d437de31b178387a7b0726b9a281592e13d7507054bdc74d9b0c09280be0e
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bbb102718687334c9562f1048617e79c04e1a0f281aafafa919b597e4cdb0178
bbf8ff1993fd6703cbb50772040c928dbecc9d17b0992ba1a6d85952b893fdf7
cbe75960c0cba732acde7f89a73f63a5a363ba49447b0e07dc30f113fd9685b7
d5a2819ad642376d18034dc49659fd0228f2d46152ee49bd9eabe2d712a61984
dfc8bd5066012f7fb381f9a6b83848860b5a7cd36f23249e5a2f1a29a589f616
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2f8c97b0b5d175e9e8359d149e755b18829f86484996c395b40c2976b3d8561
f64d973e988d8bdd3e0c578707872a7ad49e176c8c53a665763674fb8551a01d

crowsnestnl.ca Open in urlscan Pro 65.181.122.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

56 %HTTPS

75 %IPv6

9 Domains

13 Subdomains

12 IPs

2 Countries

1324 kBTransfer

3534 kBSize

10 Cookies

1 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

crowsnestnl.ca Open in urlscan Pro
65.181.122.32 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

56 %
HTTPS

75 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

1324 kB
Transfer

3534 kB
Size

10
Cookies

41 HTTP transactions
2 data transactions