mail.159-203-16-90.cprapid.com Open in urlscan Pro
159.203.16.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.159-203-16-90.cprapid.com/
Submission: On June 25 via api (June 25th 2024, 3:16:28 am UTC) from US — Scanned from CA

Summary HTTP 55 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 55 HTTP transactions. The main IP is 159.203.16.90, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is mail.159-203-16-90.cprapid.com.
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.

This is the only time mail.159-203-16-90.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	159.203.16.90 159.203.16.90	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	138.197.154.47 138.197.154.47	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:1403:9c0... 2600:1403:9c00:31::17c1:6a17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	2606:4700:303... 2606:4700:3036::ac43:8c70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c01::5f	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0e::65	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:400d:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2600:1403:9c0... 2600:1403:9c00:31::17c1:6a19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::67	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c03::5e	15169 (GOOGLE) (GOOGLE)
55	14

1 159.203.16.90 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)

mail.159-203-16-90.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.197.154.47 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: dokku-prod.beside.media

beside.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1403:9c00:31::17c1:6a17 (Miami, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3036::ac43:8c70 (United States)

ASN13335 (CLOUDFLARENET, US)

content.beside.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0e::65 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1403:9c00:31::17c1:6a19 (Miami, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::67 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	beside.media beside.media content.beside.media	9 MB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 649 p.typekit.net — Cisco Umbrella Rank: 807	120 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	159 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	54 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 8928	63 B
1	google.com www.google.com — Cisco Umbrella Rank: 5	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	359 B
1	gstatic.com fonts.gstatic.com	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	965 B
1	cprapid.com mail.159-203-16-90.cprapid.com	14 KB
55	12

	Domain	Requested by
20	content.beside.media	mail.159-203-16-90.cprapid.com
8	beside.media	mail.159-203-16-90.cprapid.com
5	www.facebook.com	mail.159-203-16-90.cprapid.com connect.facebook.net
5	use.typekit.net	mail.159-203-16-90.cprapid.com
4	connect.facebook.net	mail.159-203-16-90.cprapid.com cdnjs.cloudflare.com connect.facebook.net
4	cdnjs.cloudflare.com	mail.159-203-16-90.cprapid.com
2	www.google-analytics.com	mail.159-203-16-90.cprapid.com www.google-analytics.com
1	www.google.ca	mail.159-203-16-90.cprapid.com
1	www.google.com	mail.159-203-16-90.cprapid.com
1	p.typekit.net	mail.159-203-16-90.cprapid.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	beside.media
1	mail.159-203-16-90.cprapid.com
55	14

This site contains links to these domains. Also see Links.

Domain
beside.media
shop.beside.media
boutique.beside.media
www.facebook.com
www.instagram.com
www.youtube.com
soundcloud.com
besidemagazine.com
beside.myshopify.com

Subject Issuer	Validity	Valid
beside.media R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
content.beside.media E1	`2024-05-08` - `2024-08-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-03` - `2024-07-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.ca WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mail.159-203-16-90.cprapid.com/
Frame ID: 509947F615A82307AB331AC425EEBE02
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BESIDE

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

scrollreveal(?:\.min)(?:\.js)

Page Statistics

55
Requests

98 %
HTTPS

86 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

9440 kB
Transfer

10295 kB
Size

5
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://beside.media/sam-raetz/
Title: View Full Article

Search URL Search Domain Scan URL

URL: https://beside.media/like-honey-in-the-comb/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/the-optimist/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/we-need-each-others-eyes/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/basic-bike-maintenance/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/serie/canoe-concert/hanorah/
Title: View Full Article

Search URL Search Domain Scan URL

URL: https://beside.media/serie/canoe-concert/kroy/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/videos/societe-duvetnor/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/serie/first-timers-gone-fishing/episode-03-family-memories/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/serie/the-pioneers/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/podcast/beside-magazine-on-the-go/
Title: View Full Article

Search URL Search Domain Scan URL

URL: https://beside.media/podcast/somewhere-outside/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/festival-beside/
Title: View Full Article

Search URL Search Domain Scan URL

URL: https://beside.media/set-up-your-urban-garden/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/fr/prendre-des-photos-en-nature/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/take-photos-in-nature/
Title: View More

Search URL Search Domain Scan URL

URL: https://beside.media/

Search URL Search Domain Scan URL

URL: https://shop.beside.media/
Title: Shop

Search URL Search Domain Scan URL

URL: https://boutique.beside.media/

Search URL Search Domain Scan URL

URL: https://beside.media/fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.facebook.com/besidemagazine/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/beside_magazine/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_X7AeKKNL5Z-eLEfsSoTIw

Search URL Search Domain Scan URL

URL: https://soundcloud.com/user-161088648

Search URL Search Domain Scan URL

URL: https://besidemagazine.com/products/beside-issue-1
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://besidemagazine.com/products/subscription-solo-english
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://beside.myshopify.com/collections/shop/products/issue-03-fall-winter-2018
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://beside.media/about/
Title: About us

Search URL Search Domain Scan URL

URL: https://beside.media/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://beside.media/faq/
Title: FAQs

Search URL Search Domain Scan URL

URL: https://beside.media/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://beside.media/terms-and-conditions/
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://shop.beside.media/subscription
Title: Subscribe to BESIDE

Search URL Search Domain Scan URL

URL: https://shop.beside.media/products/issue-07
Title: Buy Current Issue

Search URL Search Domain Scan URL

URL: https://beside.media/stockists/
Title: Stockists

Search URL Search Domain Scan URL

URL: https://beside.media/category/besiders/
Title: The Besiders

Search URL Search Domain Scan URL

URL: https://beside.media/category/habitats/
Title: Habitats

Search URL Search Domain Scan URL

URL: https://beside.media/category/new-narratives/
Title: New Narratives

Search URL Search Domain Scan URL

URL: https://beside.media/category/visual-essays/
Title: Visual Essays

Search URL Search Domain Scan URL

URL: https://beside.media/category/manifestos/
Title: Manifestos

Search URL Search Domain Scan URL

URL: https://beside.media/category/mini-guides/
Title: Mini-Guides

Search URL Search Domain Scan URL

URL: https://beside.media/category/partnerships/
Title: Partnerships

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.159-203-16-90.cprapid.com/ 54 KB
14 KB 971ms
460ms Document
text/html 159.203.16.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 159.203.16.90 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 409a7188eee8062464136f496adb7b58d4313395683e6c0af725299b5461b2dd

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Alternate-Protocol: 443:npn-spdy/2
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jun 2024 03:16:20 GMT
Link: <https://beside.media/wp-json/>; rel="https://api.w.org/"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK main.css
beside.media/wp-content/themes/new-theme/dist/styles/ 188 KB
34 KB 379ms
112ms Stylesheet
text/css 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-content/themes/new-theme/dist/styles/main.css
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: 527b3d474558e9c492ab78d1cf2a11573ebc542b7c784f07f8c80c4f2b1a8cbd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2018 18:43:58 GMT
Server: nginx
ETag: W/"5a67826e-2ef9d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:21 GMT

GET
H3 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.2/css/ 17 KB
3 KB 427ms
99ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.2/css/swiper.min.css

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1105268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2437
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-455f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INFZnif8zz0y4smtml00TEqJKSickQYMOF2%2BI4FmRdssQCaVRj8X52zOG31AwSKBQ92thcEpJ8aVLE%2B5Y6TxGPXE1UvEI34FK6jI2wG1GxnKWSgOims6ZBLik0B0%2B34ablBcYWX3DrokkgXnwF2Wumhq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8991cc604f6ba220-YYZ
expires: Sun, 15 Jun 2025 03:16:21 GMT

GET
H2 200 jzs7cjw.js Show response
use.typekit.net/ 17 KB
7 KB 890ms
419ms Script
text/javascript 2600:1403:9c00:31::17c1:6a17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jzs7cjw.js

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1403:9c00:31::17c1:6a17 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

df9025c4cf2581523a1c0cc410b6ae5ffb1ad9a5f592a97507362c1eeb7999e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 25 Jun 2024 03:16:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6739

GET
H/1.1 200
OK styles.min.css
beside.media/wp-content/plugins/wp-store-locator/css/ 14 KB
4 KB 368ms
75ms Stylesheet
text/css 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.10
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: 1d1686e70b2d9be729aebc6ce7275619e32046f6ebcb27b8f8d1cd0533a6c164

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Dec 2017 08:27:12 GMT
Server: nginx
ETag: W/"5a2f92e0-378a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:21 GMT

GET
H2 200 Bobby-2-of-3thumbnail.jpg
content.beside.media/beside_/app/www/2020/05/ 155 KB
156 KB 454ms
101ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2020/05/Bobby-2-of-3thumbnail.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fb12cf383b636a42d2d43845a36054bc1a5f9daa75d665e500880250998415c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000cf64fe0a2133f21c-00662d362b-57bb2bbe-sfo2a
age: 2293
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 158795
cf-bgj: h2pri
last-modified: Tue, 05 May 2020 16:44:01 GMT
server: cloudflare
etag: "2eb3bb2218b91d6dc7ec7f8513db1670"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBsrEAPSetnQq%2FiaPbbdc%2F0zP7eoVgTcJaLLI0SaBGyIBkbGlhabkOV9bTi%2BdgnvO9u4HMc%2BGHRYqhQfABBpFhfLm0xIBjIOA7uqIdcSxwpMz8WXo1Ty7NRQOtf6P0ZrwB0Dqvf%2FbNQEwKPXjSjl%2FvRMjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc607f2f36aa-YYZ

GET
H2 200 BESIDE-Besisers_Portrait_Candide-1.jpg
content.beside.media/beside_/app/www/2020/06/ 249 KB
249 KB 628ms
276ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2020/06/BESIDE-Besisers_Portrait_Candide-1.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc11d3b872b52f9c61825b1f69219ca43f0d920ddeafcc8fa11f6c919da2ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000032e272cb1633c72b-00662d362b-57bf328f-sfo2a
age: 2293
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 254707
cf-bgj: h2pri
last-modified: Wed, 12 Feb 2020 20:37:29 GMT
server: cloudflare
etag: "7c8bb49235f4185dc5e37ca6a03c25e6"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjIvyBMl2lgDjtv34KoNghAqaN5RJsCxLdvgWbg5a1Iq6O5sAFga24d6D5tb0FNSpFKEGbBro6bDUtXYSxaRXQCqnRXpwXmEWmA%2F2yc%2B0gX7U11SE2hordPTj2xFB8IfJ9q%2F1d89YGiquJCTKxXnGoem0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc607f3136aa-YYZ

GET
H2 200 BESIDE_JohnWinterR_FEATURE.jpg
content.beside.media/beside_/app/www/2020/05/ 100 KB
101 KB 199ms
199ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2020/05/BESIDE_JohnWinterR_FEATURE.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f22d8cdd02fe1da0378efe5ddbb7e579a91f5282b4ff70d25b670aef2465558

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000798aa82a962420b2-00662d362b-57bced34-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 102511
cf-bgj: h2pri
last-modified: Mon, 04 May 2020 15:46:21 GMT
server: cloudflare
etag: "cba3bdbffb3abb5c99908ada4b75a195"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNBQbRmKR51UDgZUIc8ViDNGNAR9F6Wn80B%2FfKtQe4zgh3jQ8Pe6cZ1S%2BY8TdZTfwiQwBv7FhDIwx9XRxlbz%2F0jJxMPSVkipddCW417TPL0e4maNOUsSeZiwrlZHAPa2EgXybJ%2FmIty41wfhLfHCwX862Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc6238a236aa-YYZ

GET
H2 200 BESIDE_MARKMANN_feature.jpg
content.beside.media/beside_/app/www/2020/04/ 136 KB
136 KB 201ms
201ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2020/04/BESIDE_MARKMANN_feature.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c248d2031121572c72418a8602a4fa19571df8b07164ddda604292fce78eb9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000907f6152f3a1fac0-00662d362b-57bf328f-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 138831
cf-bgj: h2pri
last-modified: Thu, 30 Apr 2020 15:11:12 GMT
server: cloudflare
etag: "277452f637f5300d38e261aeb3255216"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIywmjHXtx9san2ReCtw3Kg9rj5o7SU5qSWjE%2FwaOfZYIyjCoGHygXFVdhPvTKLUkdX0Omfgz5q9pzvZlv4Q8kxWbI%2F5moKfiUMd2vr0S51SL7x49356tAylHZKv97z1FLkjhtTqdtCDSy5TJ6tuP1K0iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc6298f436aa-YYZ

GET
H2 200 BESIDE-WEB-miniguide-bike_feature.jpg
content.beside.media/beside_/app/www/2020/04/ 203 KB
203 KB 197ms
197ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2020/04/BESIDE-WEB-miniguide-bike_feature.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a638ee3eec144123a7a0aa41668b0f594424ef38a0db8bee2151a5950cbfa17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000001e234e8cc7673c52-00662d362b-57e11938-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 207757
cf-bgj: h2pri
last-modified: Tue, 28 Apr 2020 22:59:33 GMT
server: cloudflare
etag: "b3707556bef4c47a68c9905aeaa13fa1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fjxl6pvOaKVVu9uJ3FWBEeFrcJBnfSHZETfuUcd1uOCRiOhEljQoiJprVgVqdM3eST4urJZBlnKYUjSUmiVCOO8ir9zoVeD4tNWZWtE%2FQUNQaxEJicn0YK2VvuX0hyF8z0SLeITLypIcSSAkC%2FfQ07WKSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc637aa236aa-YYZ

GET
H2 200 Hanorah_web_feature.jpg
content.beside.media/beside_/app/www/2019/11/ 77 KB
78 KB 459ms
451ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2019/11/Hanorah_web_feature.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d23e39f849c1777857b04ab99c043c320d2982f8ce44edaa1f2e58263469aee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000023f7b3b62690bccc-00662d362b-57e11938-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 78992
cf-bgj: h2pri
last-modified: Thu, 07 Nov 2019 14:40:24 GMT
server: cloudflare
etag: "9b0389b73f2d9ede596906bd0de34ecd"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVptIU56zLNE0sWd0S6ENTDDa7BTmiXPLhU7yyLmn2wAIokGqBTSqT%2BOH%2FOGuY4DuKJjcbIIdkTtSXWB6zMFfBKpevQ8bVOSYo0FhNdnKqmWr8PXuyr1LBz4nlarNIthRN4dZhLCx%2B%2B7Q%2FVfATRdvmOb9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64bc6736aa-YYZ

GET
H2 200 CanoeConcert_Kroy_Feature.jpg
content.beside.media/beside_/app/www/2018/12/ 2 MB
2 MB 465ms
457ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2018/12/CanoeConcert_Kroy_Feature.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8eabbedc87cf6040dc4f769aae14dd1bfbeda7b6671b5bbf936c8af323c57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000002cd6d106e30fb25-00662d362b-57b4392e-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 2000144
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:18:55 GMT
server: cloudflare
etag: "b5c23e2e88dc612576bfe6b3a5b170bb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6v0CTWy0hDeSN5xCB3epQ8Vjkh%2Fvi25fzPjlWcT4l%2FmXYWXantJvDe49ZK62qx2dn8ijnAqD0UyOOy%2BbgSrriJLFZPGVc3SsIrkH%2FzS88RV0As0Mlh7PA3ecVnfnhiOF6Q7E2ryQm1fQCt6cRICafPJkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64bc6836aa-YYZ

GET
H2 200 Duvetnor_Feature2.jpg
content.beside.media/beside_/app/www/2018/11/ 649 KB
650 KB 419ms
411ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2018/11/Duvetnor_Feature2.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63469679b36bfa8ab674badf1af285a12d2c50b78b83a961a621e20a70386cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000cd9ec93830e13596-00662d362b-57bb2bbe-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 664066
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:18:23 GMT
server: cloudflare
etag: "53ea84a10e50b83dff486ec8f7fee461"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcFcHSAa82qaaZ26an8ekNPEufB2BxVnIrHYMYNl93mmTGLmSF%2BeWT%2BNQ9Rg4tqdahCgZEo%2FVpNbAFQCTQkzxZMYWXdbhTSXUhrnJH8YD1JWkB24tU5yZ4Ggkdhjr%2BRlQuU4GO%2FBasOwVmh63G%2FOv30YRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64bc6b36aa-YYZ

GET
H2 200 beside-family-memories.jpg
content.beside.media/beside_/app/www/2018/09/ 149 KB
150 KB 736ms
729ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2018/09/beside-family-memories.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dcbb6042d81055e275a511f28d570fee2916cb63e71721d0112895e6159cbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000a50d156ee7c273ed-00662d362b-57b4392e-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 152562
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 18:09:27 GMT
server: cloudflare
etag: "6f9ecb6d9902271faa68d73dc3f668a0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0Phzxj6omPvS4sFtOJPS5Eeig8xohYXztHuyvA2k0GD7nd79VXk5vifgmwBFdCDOliX0j65oQUEWJPmcRx19fncdA6ZfeLZnEZze2Io5CzBycUqv%2BQUX%2BF18LEVHBz0CUq2N0Wsn52g5830haCb8OCIuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64bc6c36aa-YYZ

GET
H2 200 LesPionniers_Photo.jpg
content.beside.media/beside_/app/www/2018/03/ 503 KB
504 KB 585ms
578ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2018/03/LesPionniers_Photo.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80f81b9672f505fcefd0ed8b1d64b4fc51e96ab000f82779e1c092f2581b1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000bd5a333ee44edca0-00662d362b-57b4392e-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 515409
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:12:41 GMT
server: cloudflare
etag: "b235a02c583a3c468086b1759d0219fc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hIVoP%2F7GlbfNYZdd6HYhfb%2FFuEETKRxUDpb6O9L3%2Foi3TowOeHQXhFhfU3EWBMuRJ04LnqZHLCnT0O47vHmlQrmo6rjICD8K4B4BN0cRhNyTUZSHERnTj0Q2SbLMBH1V6w6BFMhTus6j%2BrvRIV12GIlYtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64cc6f36aa-YYZ

GET
H2 200 BESIDE_BESIDE_WEB_BANNER.jpg
content.beside.media/beside_/app/www/2017/12/ 16 KB
16 KB 203ms
197ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2017/12/BESIDE_BESIDE_WEB_BANNER.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a85d62e0239a2c97d8ad0c9850886d0e66266136ced9bdb08e81721defde43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000001ab045daeab39f54-00662d362b-57b4392e-sfo2a
age: 2292
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 16388
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:09:18 GMT
server: cloudflare
etag: "882cad368559a54a859952157e0dc732"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2btvlDpSM1daWEBb4PlKYR%2FRNTlwmFhB%2Fmx%2Barwzuefs%2BmfURg02SKdJSnBms%2B4TEciyLRL0vqC4l1xUKzAceMKZctJVrr8DvVm%2FRLRdB%2BH3AlZaKmx%2B5QdYo34xrkwZTBp62FUBvpYp%2BRfkSDtVXMmqkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64cc7136aa-YYZ

GET
H2 200 BESIDE_QPD_WEB_BANNER-1.jpg
content.beside.media/beside_/app/www/2017/11/ 177 KB
178 KB 106ms
100ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2017/11/BESIDE_QPD_WEB_BANNER-1.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b4ad1b71d2a7ad8cb2f533ede118cdd6704de2a97458f33cb0d2b0f5dc0b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000b75d6abc4ea21943-00662d362b-57bf328f-sfo2a
age: 2293
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 181271
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:06:51 GMT
server: cloudflare
etag: "9a3e5bb6a7e2ead46274d5e79361c620"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vM%2B53k9%2Bs83GLr29Do57Rt4kfSNJ93F9S5wJKx9kk5m%2F2sQME7GZyJfaXE22Gfc4C80z3Z9mm%2FtkPc2J52%2FjsHRnb0Rp88E9QJgVFsWushOQgPB8SoSwE%2FfTCjuSvop%2FtqajgWU6W1fURroDveeWy3tPcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64cc7236aa-YYZ

GET
H2 200 Festival-02-notext.jpg
content.beside.media/beside_/app/www/2019/05/ 507 KB
508 KB 136ms
130ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2019/05/Festival-02-notext.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52fee8d98eeee3f1cca6569206c9a3fac67d2abb28a1d638778cc74d824934c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000021d200a3bd087fbf-00662d362b-57bced34-sfo2a
age: 2293
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 518796
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:25:25 GMT
server: cloudflare
etag: "845286a55a61e3dd4e16f2b1075121fe"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UOkn7Lj18AXsypEYo5twrJhzOb0P2nm2OnQXr6L8QJCvx8Nyx3gROaqhY46yGM6DsJm%2BALv%2B9N4VwEznB9z9%2FBnxnrD1%2FSrxOOxKwxq7K%2F9SyKv119R0VffsqeZy2RuAKLm%2F9FXIJ6EMFp3Dj0ELFvghwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64cc7536aa-YYZ

GET
H2 200 Officiel_SiteWeb_christian-joudrey3.jpg
content.beside.media/beside_/app/www/2019/05/ 1 MB
1 MB 203ms
197ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2019/05/Officiel_SiteWeb_christian-joudrey3.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9df45af1056e5fc9b38e4b9f74fbad0bd4c410295708e4f651b7a03d36847d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000d84d20acfe07675d-00662d362b-57bb2bbe-sfo2a
age: 2293
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 1550413
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:25:53 GMT
server: cloudflare
etag: "2256d347440dfaa552a43aabfe44f9d2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eahqphsb8i6JWA%2Fy7GPcG3EHgicNbRzOdIPQ50uEI8VCZL09JLUwuCGfKQXJOk%2BfLGHAVVqJbq5ZMARxByy7ZF31jDNwD1FyE4%2BVK%2FLifL%2FzK4v8eT8ypcNFgzoCwBJ21o5Er%2F1WiCk8XuQb4GCpYeAUvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64cc7836aa-YYZ

GET
H2 200 Officiel_SiteWeb_edward-virvel.jpg
content.beside.media/beside_/app/www/2019/05/ 1 MB
1 MB 119ms
114ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2019/05/Officiel_SiteWeb_edward-virvel.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e125a58b7c098a615638029c9a9ca516606df13631af2fe7e808c55de4e5b15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000658b40391c1f6be0-00662d362b-57bb2bbe-sfo2a
age: 2293
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 1217369
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:25:55 GMT
server: cloudflare
etag: "be19f811f92d0f1d05e2423d734b7535"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPWulVeX2G98vFHif1qSVOBaPGIZOHJ%2Fi5TRu%2Fyya%2F8QKNhcPxHUqTUZYOUcyupjsmm4jnGo637go8JsJufwEXNNgv3kTcXOStbESMnO1cFunMHb%2FdJOjYLCxaUfuKsW54uVFZ80cbfbSdVgdnmW2gp6sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64cc7b36aa-YYZ

GET
H2 200 BESIDE_1_fr_2048x.jpg
content.beside.media/beside_/app/www/2017/05/ 146 KB
147 KB 323ms
318ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2017/05/BESIDE_1_fr_2048x.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75327ab174af7631c70973a1d4f8ccccc7523a53a11b93af14281c31e186123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000fa0a8e03adbcebc5-00662d362b-57bf328f-sfo2a
age: 2292
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 149407
cf-bgj: h2pri
last-modified: Tue, 03 Sep 2019 18:00:18 GMT
server: cloudflare
etag: "3e83b2285072107914f2fb0844432e2c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50L5fmhD3DHFjL%2Ft%2FGQ0lb%2Bb7pdl3Y04U5UyKgT%2F9MRTvPb7lV5jR%2FKspidN9ENGm4yNXoS%2BPEf0x0WjF8rvV4sj7R3J3%2FuxFVfrZOSMliDbiExD4Nf0vUD1Ek5OU4sIvWiTc0pOm2F9Gt4wB8Q3bt1C1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64fc9a36aa-YYZ

GET
H2 200 BESIDE_2_fr_2048x.jpg
content.beside.media/beside_/app/www/2017/05/ 233 KB
234 KB 323ms
319ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2017/05/BESIDE_2_fr_2048x.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be09c6d513c77816065989195b40bc7ee4574a23d36befe16ef3b4ae8810e616

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000004c3d14f84b644c7b-00662d362b-57bb2bbe-sfo2a
age: 2292
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 238586
cf-bgj: h2pri
last-modified: Tue, 03 Sep 2019 17:59:44 GMT
server: cloudflare
etag: "c77fb92de5d5b956e64d540f0d0e7163"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzIjueO8nJnD28Mvkumg2M2BcexVlxpsDJiYeCHSXtnnEmU7h2zzsiepIyydvGOxkqfaWMZHhb4sex8bO2LM89%2FDAy3n0ELlXZUgX4MGGBGe5TXlnL5bMwNNRWLhomVQzsbSe3DMK0M13BEttkqDNjku7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64fc9b36aa-YYZ

GET
H2 200 BESIDE_3_fr_2048x.jpg
content.beside.media/beside_/app/www/2017/11/ 266 KB
267 KB 324ms
319ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2017/11/BESIDE_3_fr_2048x.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4915872b5e9fd06ce28d56af9f8c57e3f5d230ba014874cb86664b77f7fc019a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000655fe8b361ce8cf7-00662d362b-57bf32b7-sfo2a
age: 2293
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 272869
cf-bgj: h2pri
last-modified: Tue, 03 Sep 2019 17:58:53 GMT
server: cloudflare
etag: "1b3be853de2085c5a81f70a8d9af373e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6RIKDRApXamoz%2B1h%2FlxOnUJ0Dvyrq1sY7HzH3EAP5xEPWqSXoLNv8PVSyA8T35XrNJmRg5SEwgfBGu5WFArOFQTlaIlMiAMRZQi3H6wQlnzt8aUD%2F1YJDopLRvzqo0zwlb9jupOzStUOOC4SfqfdFnmqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64fc9c36aa-YYZ

GET
H2 200 CanoeConcert_Kroy_Banner.jpg
content.beside.media/beside_/app/www/2018/12/ 223 KB
223 KB 659ms
655ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2018/12/CanoeConcert_Kroy_Banner.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e93504e4b0048286fec74683f1c4662011994ea75d6f827e3026c3e304c1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000374c7a351ea52e56-00662d362b-57bf32b7-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 228067
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 11:18:52 GMT
server: cloudflare
etag: "97b5df4a6e977a109cc81e169b0018f0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9r1QFuvIzvnz%2BJRj6XFoyO6Thyw8%2F4OmTc%2BBAK8%2Bw8db5EgspKUjC%2F769bTF%2BdWt70C3ky5Ib01L4InYhwEi%2BVo25NCD5OVeEffQ8Awt57vIrICgopXYxpNyNJYia9WjL%2FdUrMpnTO2m9hJKCSk3hWtsOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64fc9d36aa-YYZ

GET
H2 200 LesPionniers_Photo.jpg
content.beside.media/beside_/app/www/2017/09/ 503 KB
504 KB 679ms
675ms Image
image/jpeg 2606:4700:3036::ac43:8c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.beside.media/beside_/app/www/2017/09/LesPionniers_Photo.jpg

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8c70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80f81b9672f505fcefd0ed8b1d64b4fc51e96ab000f82779e1c092f2581b1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000c71b3174782e45e5-00662d362b-57bf328f-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 515409
cf-bgj: h2pri
last-modified: Sun, 18 Aug 2019 10:57:28 GMT
server: cloudflare
etag: "b235a02c583a3c468086b1759d0219fc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZ7yRA45s1h5T1ePJYGXG65XTQe78xKA91KCMwZqMf%2Bf1fHLT3%2FD6Ds8DpP2HnP0ZQDtNPB1iDcRAGzXamS%2BUyJMMuKLpj8C%2B7OSM7U%2F%2BRPIWoNuqRzbq2RPCB4Ykh94QCruFtO858jlnLHEolN%2BxhQ4qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 5ac3b4a6-6dcd-4d38-82fc-95aefff99513
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8991cc64fc9e36aa-YYZ

GET
H/1.1 200
OK wp-embed.min.js Show response
beside.media/wp-includes/js/ 1 KB
1 KB 72ms
72ms Script
application/javascript 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-includes/js/wp-embed.min.js?ver=4.9.25
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: 37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 May 2024 07:30:57 GMT
Server: nginx
ETag: W/"664ef0b1-5a3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:21 GMT

GET
H/1.1 200
OK sitepress.js Show response
beside.media/wp-content/plugins/sitepress-multilingual-cms/res/js/ 349 B
702 B 70ms
70ms Script
application/javascript 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=4.9.25
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: da8639265c27dd624482432b9f55d4903ef994868232113295f121b014adccc7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:21 GMT
Last-Modified: Wed, 03 Aug 2016 14:30:28 GMT
Server: nginx
ETag: "57a20004-15d"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 349
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:21 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 102ms
100ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 929675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27277
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjJaHa34IABwidAFHvN6ZACpesFyJCt8QEHn%2BjAfw7IO8ki6w4hKyQhkvDidBVZ5MvtWCmS1V4IQ0O66MCQcesmN53X6kXQ35MMtmBy4qeWOeH4q2lsV%2FjmhugswRuKsf8r5buMbCvJx4B%2BqL8Hf357E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8991cc64bbc8a220-YYZ
expires: Sun, 15 Jun 2025 03:16:21 GMT

GET
H/1.1 200
OK stickyfill.js Show response
beside.media/wp-content/themes/new-theme/dist/scripts/ 5 KB
2 KB 78ms
74ms Script
application/javascript 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-content/themes/new-theme/dist/scripts/stickyfill.js
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: 37cb2d626d5b0446a085d21ffb1f27a9da40cb50b073d89fc32d2a868ced3082

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2018 18:44:05 GMT
Server: nginx
ETag: W/"5a678275-1599"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:21 GMT

GET
H3 200 scrollreveal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/scrollReveal.js/3.3.6/ 9 KB
3 KB 227ms
221ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/scrollReveal.js/3.3.6/scrollreveal.min.js

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 377591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2768
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-235d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2Fsbdx8CphM3xIdgO9dKghv1acBSOwGgvlSsILgHEANzor8ZthyqW5TCpm0SUF9b1NzdBjiD%2FFKBkMbhH82eL6ucvDXpGPk%2FAeIb5Dl1sGezYe2aP4xUO%2B8ZeWg7qigQSCu%2BYFDZ3Z8RErEDi1USdWv4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8991cc64bbd7a220-YYZ
expires: Sun, 15 Jun 2025 03:16:21 GMT

GET
H3 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.2/js/ 94 KB
21 KB 233ms
226ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.2/js/swiper.min.js

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 389215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20395
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-178a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YbMEClJm1dRxrIFd%2FLx4OZRVf%2BRhcQsRTsKGgZUYPiFngpE6XTxobAhmX9DQex%2F9Sp7MkU2vPdTHFy4hTV%2Fcf7Eu7Y2YZoUzMMV3jqRlJdbBf3Yz%2FNAH8SrTgmyWUgScBgpMMOa%2FnxKi941CgsiBZyly"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8991cc64bbdea220-YYZ
expires: Sun, 15 Jun 2025 03:16:21 GMT

GET
H/1.1 200
OK main.js Show response
beside.media/wp-content/themes/new-theme/dist/scripts/ 76 KB
24 KB 132ms
94ms Script
application/javascript 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-content/themes/new-theme/dist/scripts/main.js
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: c353ab4f89984738f0005b4d2282e410e0b0733490684ea04ffd19bfadf520cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2018 18:44:09 GMT
Server: nginx
ETag: W/"5a678279-13094"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
965 B 609ms
204ms Stylesheet
text/css 2607:f8b0:400d:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Eczar:400,500,600

Requested by

Host: beside.media
URL: https://beside.media/wp-content/themes/new-theme/dist/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd89da63869a0f504c94c9dfdf1af82b9fa329fc5327d3c75e7ad737f2cf2404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://beside.media/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jun 2024 03:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 03:16:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jun 2024 03:16:21 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
beside.media/wp-includes/js/ 12 KB
5 KB 155ms
83ms Script
application/javascript 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-includes/js/wp-emoji-release.min.js?ver=4.9.25
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 May 2024 07:30:57 GMT
Server: nginx
ETag: W/"664ef0b1-2ea7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 695ms
190ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jun 2024 03:16:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=13, mss=1392, tbw=2775, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: mgoY76T4+or6RbNAekP3xtZL6uaw+jx4QL+wP1j8vmlEyUUXNEpA3BsfFUOV1dZNqA7C2SJZ7vPkeaeNWSzNfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 BXRlvF3Pi-DLmz0lDO4.woff2
fonts.gstatic.com/s/eczar/v22/ 25 KB
26 KB 688ms
180ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/eczar/v22/BXRlvF3Pi-DLmz0lDO4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Eczar:400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3610caf7fa59f6f4d58a8d85c02855fb702feb9f28e908a83ff3cc4a4549d87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://mail.159-203-16-90.cprapid.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 20:01:04 GMT
x-content-type-options: nosniff
age: 458118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25972
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:33:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 20:01:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 660ms
118ms Script
text/javascript 2607:f8b0:400d:c0e::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 01:48:16 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5286
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 25 Jun 2024 03:48:16 GMT

GET
H2 200 l
use.typekit.net/af/06eb56/00000000000000003b9b208d/27/ 32 KB
32 KB 884ms
322ms Font
application/font-woff2 2600:1403:9c00:31::17c1:6a17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/06eb56/00000000000000003b9b208d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1403:9c00:31::17c1:6a17 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ee3822f9de3c6543f0939a8d3f5a02750505fc9b8fe0f525b857a4985998666c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Origin: https://mail.159-203-16-90.cprapid.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
server: nginx
etag: "f7f634cec545e0c1ee80918e71ab83bd76bea44b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32592

GET
H2 200 l
use.typekit.net/af/226611/00000000000000003b9b208e/27/ 28 KB
28 KB 867ms
305ms Font
application/font-woff2 2600:1403:9c00:31::17c1:6a17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/226611/00000000000000003b9b208e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1403:9c00:31::17c1:6a17 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ed774269702896a01cdf2b593206e3ed49f092bbfe8ba08000b29db9df0abe5e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Origin: https://mail.159-203-16-90.cprapid.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
server: nginx
etag: "8a05be8ae284474d1553287585eba8281049b964"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28304

GET
H2 200 l
use.typekit.net/af/fc8ec4/00000000000000003b9b2090/27/ 25 KB
25 KB 758ms
196ms Font
application/font-woff2 2600:1403:9c00:31::17c1:6a17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/fc8ec4/00000000000000003b9b2090/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1403:9c00:31::17c1:6a17 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 12d1a97adffa95359993d828b435d7da06e8c04094b2a7b604b6a9a76de4b6dc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Origin: https://mail.159-203-16-90.cprapid.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
server: nginx
etag: "a483f550d8b7088920d90c0ccd34d2453c925f7d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25676

GET
H2 200 l
use.typekit.net/af/7a6790/00000000000000003b9b2091/27/ 28 KB
28 KB 821ms
260ms Font
application/font-woff2 2600:1403:9c00:31::17c1:6a17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7a6790/00000000000000003b9b2091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1403:9c00:31::17c1:6a17 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fa3d75e60f467f7cab847e9e37980a71982a0337502efd3d4b27afce0114620e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Origin: https://mail.159-203-16-90.cprapid.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:22 GMT
server: nginx
etag: "6b464355a5064151ad60687c64800c2b04e40a9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28516

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 372ms
292ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?_=1719285382075

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c9c806fa4a3743718bd74a0ac0a6ed54b26df0deeebdf2a02339802b292ce88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 03:16:22 GMT
content-md5: 4VtZlAJtz6yoEnCAtj9GoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=31, mss=1392, tbw=63497, tp=-1, tpl=-1, uplat=37, ullat=0
x-fb-debug: JSj3DrYLgpkOcgidkYU+7zpMLo0XmSQXhV7sqaEU5+7xY+KShgRt+2FT12jlvsb1Wp9HgcSWlyTNyBSvjpv39Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a0ae93ac4cc4b92f96b31421d0eb65b0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "2b521e36153df2c5897e4df60191d5bb"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 25 Jun 2024 03:36:22 GMT

GET
H2 200 1766211440069295 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 174ms
173ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1766211440069295?v=2.9.158&r=stable&domain=mail.159-203-16-90.cprapid.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33366e506937ccb716d45fc22e6514571d8d8d168a09c469811c65d737767b38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jun 2024 03:16:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=64, mss=1392, tbw=65681, tp=-1, tpl=-1, uplat=65, ullat=0
pragma: public
x-fb-debug: z4QfoX/s+sqsIj3UGk5t/iAP2YjYOsBKG2jCeEXq7KVQXwCYHxIrN/uyrTZofDmjcgrH7w8s4/r0vY3NaKHMnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 437ms
108ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3ae7d8fd5fc234406dd0b1aa19d9bc2f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?_=1719285382075

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40a70cca2fbe919968f8dea968de3341ecc241ee0674ccdf301a692938b40a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Origin: https://mail.159-203-16-90.cprapid.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 03:16:23 GMT
content-md5: dQfotgpHb4YED3Zr0XiPpA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87600
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=106, rtx=0, c=24, mss=1232, tbw=10528, tp=15, tpl=0, uplat=1, ullat=-1
x-fb-debug: pRPifIIuBxr0aXMTQUhyO2ZD7lvxcsbcm6fcKolG69b8NYlntV5ccw1UpUeOa7Mb7MifriW5/IdXgTj/z9J7Aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4c4d3ab67265a542e8f309bde47751dc
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "636d78a36d3ee14439cf323283cf0ed0"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 25 Jun 2025 01:03:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 507ms
136ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1766211440069295&ev=PageView&dl=https%3A%2F%2Fmail.159-203-16-90.cprapid.com%2F&rl=&if=false&ts=1719285382859&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.3.1719285382857.398095213538970890&ler=empty&cdl=API_unavailable&it=1719285382660&coo=false&rqm=GET

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2816, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jun 2024 03:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 522ms
151ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1766211440069295&ev=PageView&dl=https%3A%2F%2Fmail.159-203-16-90.cprapid.com%2F&rl=&if=false&ts=1719285382859&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.3.1719285382857.398095213538970890&ler=empty&cdl=API_unavailable&it=1719285382660&coo=false&rqm=FGET

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9fd82408f417199f","source_keys":["1","2"]},{"key_piece":"0xef3f83e1b51507dd","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 25 Jun 2024 03:16:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7384274493358509813", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=13, mss=1392, tbw=6877, tp=-1, tpl=-1, uplat=44, ullat=0
pragma: no-cache
x-fb-debug: YuWPAN70zg6ReKNeZjbNlq6aYpHYVh+Dz5mahukbQx4p63Z7F3Kt4bJ+bGhE238ANpSmFPlYWvcEYV2PnMbhjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7384274493358509813"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 507ms
137ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1766211440069295&ev=ViewContent&dl=https%3A%2F%2Fmail.159-203-16-90.cprapid.com%2F&rl=&if=false&ts=1719285382861&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.3.1719285382857.398095213538970890&ler=empty&cdl=API_unavailable&it=1719285382660&coo=false&rqm=GET

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2816, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jun 2024 03:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 520ms
150ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1766211440069295&ev=ViewContent&dl=https%3A%2F%2Fmail.159-203-16-90.cprapid.com%2F&rl=&if=false&ts=1719285382861&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.3.1719285382857.398095213538970890&ler=empty&cdl=API_unavailable&it=1719285382660&coo=false&rqm=FGET

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc5658999e2ba3d34","source_keys":["1","2"]},{"key_piece":"0x841f3695ce714f62","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 25 Jun 2024 03:16:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7384274492990498165", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=13, mss=1392, tbw=3166, tp=-1, tpl=-1, uplat=30, ullat=0
pragma: no-cache
x-fb-debug: fl7U/UbeeRe0j0a9b/iTsTrTWxpIJZlIqhhM1TNGF4iFNuOfXAM2HOEs+unEjtkGAKVGWJmSUT6hjm0gO6wQLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7384274492990498165"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 133ms
132ms XHR
text/plain 2607:f8b0:400d:c0e::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2002343959&t=pageview&_s=1&dl=https%3A%2F%2Fmail.159-203-16-90.cprapid.com%2F&ul=en-ca&de=UTF-8&dt=BESIDE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgCI~&jid=1566224336&gjid=1300525262&cid=848249916.1719285383&tid=UA-100090760-1&_gid=1312673501.1719285383&_r=1&_slc=1&z=610562808

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 03:16:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.159-203-16-90.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
359 B 591ms
198ms XHR
text/plain 2607:f8b0:400d:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100090760-1&cid=848249916.1719285383&jid=1566224336&gjid=1300525262&_gid=1312673501.1719285383&_u=YEBAAEAAAAAAACgCI~&z=1106185378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jun 2024 03:16:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.159-203-16-90.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 692ms
218ms Image
image/gif 2600:1403:9c00:31::17c1:6a19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=jzs7cjw&ht=tk&h=mail.159-203-16-90.cprapid.com&f=39565.39566.39568.39569&a=84249460&js=1.21.0&app=typekit&e=js&_=1719285383139
Requested by: Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1403:9c00:31::17c1:6a19 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:16:23 GMT
last-modified: Sat, 16 Oct 2021 08:20:50 GMT
server: nginx
etag: "616a8b62-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 211ms
211ms Fetch
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1434706216593328&input_token&origin=1&redirect_uri=https%3A%2F%2Fmail.159-203-16-90.cprapid.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3ae7d8fd5fc234406dd0b1aa19d9bc2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 25 Jun 2024 03:16:23 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7384274493092695968", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=13, mss=1392, tbw=8154, tp=-1, tpl=-1, uplat=21, ullat=0
pragma: no-cache
x-fb-debug: zFNStE9+QK9EDEcjhybW1QjbPVfO7ZbkGr1iGuJOf3JOnag0T4Q7Dtrbny2CxFN/txL/wdLr0TjdPHOPDOpANQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7384274493092695968"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.159-203-16-90.cprapid.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 592ms
172ms Image
image/gif 2607:f8b0:400d:c0e::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100090760-1&cid=848249916.1719285383&jid=1566224336&_u=YEBAAEAAAAAAACgCI~&z=416964649

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::67 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 03:16:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 834ms
490ms Image
image/gif 2607:f8b0:400d:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100090760-1&cid=848249916.1719285383&jid=1566224336&_u=YEBAAEAAAAAAACgCI~&z=416964649

Requested by

Host: mail.159-203-16-90.cprapid.com
URL: https://mail.159-203-16-90.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 03:16:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon.png
beside.media/wp-content/themes/new-theme/dist/images/ 905 B
1 KB 74ms
74ms Other
image/png 138.197.154.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beside.media/wp-content/themes/new-theme/dist/images/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.197.154.47 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dokku-prod.beside.media
Software: nginx /
Resource Hash: 6388fe7f570a606e674639e27325736aa3d583cd67d4e1945798e75b58e760bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mail.159-203-16-90.cprapid.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 03:16:24 GMT
Last-Modified: Tue, 23 Jan 2018 18:44:12 GMT
Server: nginx
ETag: "5a67827c-389"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 905
Alternate-Protocol: 443:npn-spdy/2
Expires: Wed, 25 Jun 2025 03:16:24 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mail.159-203-16-90.cprapid.com/	1970-01-20 21:36:11	Name: _icl_current_language Value: en
.mail.159-203-16-90.cprapid.com/	1970-01-20 23:44:21	Name: _fbp Value: fb.3.1719285382857.398095213538970890
.mail.159-203-16-90.cprapid.com/	1970-01-21 07:10:45	Name: _ga Value: GA1.4.848249916.1719285383
.mail.159-203-16-90.cprapid.com/	1970-01-20 21:36:11	Name: _gid Value: GA1.4.1312673501.1719285383
.mail.159-203-16-90.cprapid.com/	1970-01-20 21:34:45	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beside.media
cdnjs.cloudflare.com
connect.facebook.net
content.beside.media
fonts.googleapis.com
fonts.gstatic.com
mail.159-203-16-90.cprapid.com
p.typekit.net
stats.g.doubleclick.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
138.197.154.47
159.203.16.90
2600:1403:9c00:31::17c1:6a17
2600:1403:9c00:31::17c1:6a19
2606:4700:3036::ac43:8c70
2606:4700::6811:190e
2607:f8b0:400d:c01::5f
2607:f8b0:400d:c03::5e
2607:f8b0:400d:c07::9a
2607:f8b0:400d:c0e::5e
2607:f8b0:400d:c0e::65
2607:f8b0:400d:c0e::67
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0dcbb6042d81055e275a511f28d570fee2916cb63e71721d0112895e6159cbeb
12d1a97adffa95359993d828b435d7da06e8c04094b2a7b604b6a9a76de4b6dc
14e93504e4b0048286fec74683f1c4662011994ea75d6f827e3026c3e304c1a3
1d1686e70b2d9be729aebc6ce7275619e32046f6ebcb27b8f8d1cd0533a6c164
2f22d8cdd02fe1da0378efe5ddbb7e579a91f5282b4ff70d25b670aef2465558
33366e506937ccb716d45fc22e6514571d8d8d168a09c469811c65d737767b38
3610caf7fa59f6f4d58a8d85c02855fb702feb9f28e908a83ff3cc4a4549d87b
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
37cb2d626d5b0446a085d21ffb1f27a9da40cb50b073d89fc32d2a868ced3082
409a7188eee8062464136f496adb7b58d4313395683e6c0af725299b5461b2dd
40a70cca2fbe919968f8dea968de3341ecc241ee0674ccdf301a692938b40a91
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417
4915872b5e9fd06ce28d56af9f8c57e3f5d230ba014874cb86664b77f7fc019a
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4c248d2031121572c72418a8602a4fa19571df8b07164ddda604292fce78eb9c
527b3d474558e9c492ab78d1cf2a11573ebc542b7c784f07f8c80c4f2b1a8cbd
52fee8d98eeee3f1cca6569206c9a3fac67d2abb28a1d638778cc74d824934c0
63469679b36bfa8ab674badf1af285a12d2c50b78b83a961a621e20a70386cd7
6388fe7f570a606e674639e27325736aa3d583cd67d4e1945798e75b58e760bf
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
7b8eabbedc87cf6040dc4f769aae14dd1bfbeda7b6671b5bbf936c8af323c57e
7c9c806fa4a3743718bd74a0ac0a6ed54b26df0deeebdf2a02339802b292ce88
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8dc11d3b872b52f9c61825b1f69219ca43f0d920ddeafcc8fa11f6c919da2ed6
8fb12cf383b636a42d2d43845a36054bc1a5f9daa75d665e500880250998415c
91b4ad1b71d2a7ad8cb2f533ede118cdd6704de2a97458f33cb0d2b0f5dc0b13
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a638ee3eec144123a7a0aa41668b0f594424ef38a0db8bee2151a5950cbfa17a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b80f81b9672f505fcefd0ed8b1d64b4fc51e96ab000f82779e1c092f2581b1e7
bd89da63869a0f504c94c9dfdf1af82b9fa329fc5327d3c75e7ad737f2cf2404
be09c6d513c77816065989195b40bc7ee4574a23d36befe16ef3b4ae8810e616
c353ab4f89984738f0005b4d2282e410e0b0733490684ea04ffd19bfadf520cb
c9df45af1056e5fc9b38e4b9f74fbad0bd4c410295708e4f651b7a03d36847d9
d1a85d62e0239a2c97d8ad0c9850886d0e66266136ced9bdb08e81721defde43
d23e39f849c1777857b04ab99c043c320d2982f8ce44edaa1f2e58263469aee4
da8639265c27dd624482432b9f55d4903ef994868232113295f121b014adccc7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9025c4cf2581523a1c0cc410b6ae5ffb1ad9a5f592a97507362c1eeb7999e9
e125a58b7c098a615638029c9a9ca516606df13631af2fe7e808c55de4e5b15e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed774269702896a01cdf2b593206e3ed49f092bbfe8ba08000b29db9df0abe5e
ee3822f9de3c6543f0939a8d3f5a02750505fc9b8fe0f525b857a4985998666c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75327ab174af7631c70973a1d4f8ccccc7523a53a11b93af14281c31e186123
fa3d75e60f467f7cab847e9e37980a71982a0337502efd3d4b27afce0114620e

mail.159-203-16-90.cprapid.com Open in urlscan Pro 159.203.16.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

86 %IPv6

12 Domains

14 Subdomains

14 IPs

2 Countries

9440 kBTransfer

10295 kBSize

5 Cookies

42 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.159-203-16-90.cprapid.com Open in urlscan Pro
159.203.16.90 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

86 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

9440 kB
Transfer

10295 kB
Size

5
Cookies

55 HTTP transactions
0 data transactions