urlscan.io logo urlscan.io
SecurityTrails logo

members.aprespass.ca Open in urlscan Pro
168.62.224.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://members.aprespass.ca/
Effective URL: https://members.aprespass.ca/page/login
Submission: On December 22 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 62 HTTP transactions. The main IP is 168.62.224.13, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is members.aprespass.ca.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on December 9th 2023. Valid for: 6 months.
This is the only time members.aprespass.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 6 168.62.224.13 8075 (MICROSOFT...)
3 152.195.19.97 15133 (EDGECAST)
2 20.40.202.12 8075 (MICROSOFT...)
2 104.17.24.14 13335 (CLOUDFLAR...)
7 52.239.153.4 8075 (MICROSOFT...)
3 142.251.16.97 15169 (GOOGLE)
3 142.251.163.95 15169 (GOOGLE)
2 151.101.2.159 54113 (FASTLY)
6 216.239.34.178 15169 (GOOGLE)
2 13.107.213.38 8075 (MICROSOFT...)
7 18.154.206.27 16509 (AMAZON-02)
2 157.240.244.1 32934 (FACEBOOK)
3 20.120.65.166 8075 (MICROSOFT...)
2 54.244.180.221 16509 (AMAZON-02)
1 157.240.244.35 32934 (FACEBOOK)
10 44.229.152.84 16509 (AMAZON-02)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 1 204.79.197.200 8068 (MICROSOFT...)
2 35.167.177.33 16509 (AMAZON-02)
1 13.249.39.24 16509 (AMAZON-02)
62 19
6    168.62.224.13 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
members.aprespass.ca
3    152.195.19.97 (San Jose, United States)

ASN15133 (EDGECAST, US)
storage.peoplevine.com
2    20.40.202.12 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
control.peoplevine.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    52.239.153.4 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
peoplevine.blob.core.windows.net
3    142.251.16.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f97.1e100.net
www.googletagmanager.com
3    142.251.163.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
fonts.googleapis.com
2    151.101.2.159 (United States)

ASN54113 (FASTLY, US)
gibbonswhistler.com
6    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    13.107.213.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
7    18.154.206.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-206-27.lax50.r.cloudfront.net
connect.podium.com
2    157.240.244.1 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-mty2.fbcdn.net
connect.facebook.net
3    20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
l.clarity.ms
2    54.244.180.221 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-180-221.us-west-2.compute.amazonaws.com
lab.analyticspodium.com
1    157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com
www.facebook.com
10    44.229.152.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-152-84.us-west-2.compute.amazonaws.com
mind-flayer.podium.com
2    20.125.209.212 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
2    35.167.177.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-177-33.us-west-2.compute.amazonaws.com
api2.analyticspodium.com
1    13.249.39.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-24.iad89.r.cloudfront.net
assets.podium.com
Apex Domain
Subdomains		 Transfer
18 podium.com
connect.podium.com — Cisco Umbrella Rank: 29489
mind-flayer.podium.com — Cisco Umbrella Rank: 29908
assets.podium.com — Cisco Umbrella Rank: 49683
380 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
l.clarity.ms — Cisco Umbrella Rank: 50737
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
7 windows.net
peoplevine.blob.core.windows.net — Cisco Umbrella Rank: 549372
409 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
6 aprespass.ca
members.aprespass.ca
87 KB
5 peoplevine.com
storage.peoplevine.com
control.peoplevine.com
447 KB
4 analyticspodium.com
lab.analyticspodium.com — Cisco Umbrella Rank: 29198
api2.analyticspodium.com — Cisco Umbrella Rank: 33331
6 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
217 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 gibbonswhistler.com
gibbonswhistler.com
36 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
88 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
765 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
62 14
Domain Requested by
10 mind-flayer.podium.com connect.podium.com
7 connect.podium.com www.googletagmanager.com
connect.podium.com
7 peoplevine.blob.core.windows.net members.aprespass.ca
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
members.aprespass.ca
6 members.aprespass.ca 3 redirects members.aprespass.ca
3 l.clarity.ms www.clarity.ms
3 fonts.googleapis.com members.aprespass.ca
control.peoplevine.com
3 www.googletagmanager.com members.aprespass.ca
www.googletagmanager.com
3 storage.peoplevine.com members.aprespass.ca
2 api2.analyticspodium.com connect.podium.com
2 c.clarity.ms 1 redirects
2 lab.analyticspodium.com connect.podium.com
2 connect.facebook.net members.aprespass.ca
connect.facebook.net
2 www.clarity.ms members.aprespass.ca
www.clarity.ms
2 gibbonswhistler.com peoplevine.blob.core.windows.net
2 cdnjs.cloudflare.com members.aprespass.ca
cdnjs.cloudflare.com
2 control.peoplevine.com members.aprespass.ca
1 assets.podium.com
1 c.bing.com 1 redirects
1 www.facebook.com members.aprespass.ca
62 20

This site contains links to these domains. Also see Links.

Domain
aprespass.ca
www.facebook.com
www.instagram.com
www.peoplevine.com
Subject Issuer Validity Valid
members.aprespass.ca
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-12-09 -
2024-06-09		 6 months crt.sh
sni10875gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-18 -
2024-09-17		 a year crt.sh
*.control.peoplevine.com
Go Daddy Secure Certificate Authority - G2		 2023-09-01 -
2024-10-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2023-09-27 -
2024-09-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
gibbonswhistler.com
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.podium.com
Amazon RSA 2048 M02		 2023-05-24 -
2024-06-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-30 -
2023-12-29		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.analyticspodium.com
Amazon RSA 2048 M01		 2023-01-26 -
2024-02-24		 a year crt.sh

This page contains 3 frames:

Primary Page: https://members.aprespass.ca/page/login
Frame ID: 16C75A9FEFD9ACA828A65A2D8C8EAB31
Requests: 48 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 7BA31D35D9D40BA9ACDAE857CEF96F77
Requests: 3 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: D15E44A38C2D2527E6F07D9E2D707227
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login to the Membership Portal

Page URL History Show full URLs

  1. http://members.aprespass.ca/ HTTP 302
    https://members.aprespass.ca/ HTTP 302
    https://members.aprespass.ca/login HTTP 302
    https://members.aprespass.ca/page/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

19
IPs

3
Countries

1788 kB
Transfer

4097 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://members.aprespass.ca/ HTTP 302
    https://members.aprespass.ca/ HTTP 302
    https://members.aprespass.ca/login HTTP 302
    https://members.aprespass.ca/page/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&RedC=c.clarity.ms&MXFR=0F72973A3F74669C0B5684D53B7468DF HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&MUID=10EC557E6E946A1D06AA46916FBE6BFF

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
members.aprespass.ca/page/
Redirect Chain
  • http://members.aprespass.ca/
  • https://members.aprespass.ca/
  • https://members.aprespass.ca/login
  • https://members.aprespass.ca/page/login
38 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a4fb22778f4aa17c61f4d9a83fff238bf20ca02711a0ff44bdb0d57fce1182c
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
Public-Key-Pins
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
cache-control
no-cache, no-store
content-encoding
gzip
content-length
27255
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
content-type
text/html; charset=utf-8
date
Fri, 22 Dec 2023 04:56:41 GMT
expires
-1
pragma
no-cache
public-key-pins
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
cache-control
no-cache, no-store
content-length
128
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
content-type
text/html; charset=utf-8
date
Fri, 22 Dec 2023 04:56:40 GMT
expires
-1
location
/page/login
pragma
no-cache
public-key-pins
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
bootstrap.min.css
storage.peoplevine.com/media/361/portal/assets/bootstrap/4.5.0/css/ 		157 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.peoplevine.com/media/361/portal/assets/bootstrap/4.5.0/css/bootstrap.min.css?build=20210301
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/0736) /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Dec 2023 04:56:41 GMT
content-md5
Ov4V6XZzTZ2qwmMQEQxFlA==
age
22336
x-cache
HIT
content-length
160403
x-ms-lease-status
unlocked
last-modified
Mon, 03 Aug 2020 18:34:33 GMT
server
ECAcc (chd/0736)
etag
0x8D837DBDDF194BC
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
5f43d73f-401e-0086-425f-34f7a8000000
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bundle.min.css
members.aprespass.ca/css/ 		93 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://members.aprespass.ca/css/bundle.min.css?build=20210301
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3191923a61403986f9070df684f8f9f3d451f782e5fbb02f20d9ed518cd780ee
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
Public-Key-Pins
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/page/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
content-length
16139
x-xss-protection
1; mode=block
public-key-pins
pragma
no-cache
last-modified
Sun, 12 Nov 2023 23:05:39 GMT
etag
"80e396c0bc15da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, no-store
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
-1
shared.min.css
control.peoplevine.com/assets-ui-update/css/ 		522 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://control.peoplevine.com/assets-ui-update/css/shared.min.css?build=20210301
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.12 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
309499d9289bfc7f8ab25c86e4b7377eb18988dc8864d1b857063237f86f6ccb
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https: blob:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
Public-Key-Pins
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https: blob:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
last-modified
Sat, 28 Oct 2023 22:49:02 GMT
etag
"08322f2f09da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
75270
x-xss-protection
1; mode=block
public-key-pins
peoplevine-styles.min.css
control.peoplevine.com/assets-ui-update/css/ 		480 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://control.peoplevine.com/assets-ui-update/css/peoplevine-styles.min.css?build=20210301
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.12 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ed14a11b075ce49fd1f08617afbe12b18edf1eaa8e98af4ab701703d0405c8e5
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https: blob:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
Public-Key-Pins
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https: blob:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
last-modified
Sat, 28 Oct 2023 22:49:06 GMT
etag
"0dd84f4f09da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
71803
x-xss-protection
1; mode=block
public-key-pins
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1794927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10472
last-modified
Wed, 13 Jan 2021 22:29:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7431-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vdv4SYBP2Gf%2FPh4VFM%2FZfSfLw%2BoaB1dMYSKJwQ%2F7jzB97XhEdrqCsajfhmnRgQjFphVwwxIWb1Lmz2DKfl2r5DRMp0KJwmqxVej1s%2F%2FjIE7HuagVgGJXdY00ueVEfvwHiUvJ%2FezJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8395c79db80b36a0-YYZ
expires
Wed, 11 Dec 2024 04:56:41 GMT
apres-main-styles.css
peoplevine.blob.core.windows.net/media/1073/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peoplevine.blob.core.windows.net/media/1073/apres-main-styles.css
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.153.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
791984c37c91bba9f4b1f1edd880391fc269af0616451bb834fd25defe658c45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 04:56:41 GMT
Last-Modified
Mon, 03 Jul 2023 23:31:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
X8O4WgTZ89WMOQ9euTZC9Q==
ETag
0x8DB7C1DA6CAFA30
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
764d9f30-c01e-00d3-7c93-341cdf000000
Cache-Control
max-age=86400
x-ms-version
2009-09-19
Content-Length
1618
apres-script.js
peoplevine.blob.core.windows.net/media/1073/ 		37 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://peoplevine.blob.core.windows.net/media/1073/apres-script.js
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.153.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2f97a5d23b7e9c9506990d320194701d4ba9ffdc60bdf079bfbcf7018d1b6f2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 04:56:41 GMT
Last-Modified
Tue, 06 Dec 2022 20:07:36 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ujMhtDuJQWUa8UFpXPOCOw==
ETag
0x8DAD7C58519862D
Content-Type
text/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
2eb8540a-e01e-0003-2393-34a07d000000
Cache-Control
max-age=86400
x-ms-version
2009-09-19
Content-Length
37
1435_override_css.css
peoplevine.blob.core.windows.net/files/1073/style/ 		485 B
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peoplevine.blob.core.windows.net/files/1073/style/1435_override_css.css?cache=20230626092758
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.153.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9ed82c10d295bf4793cb1720a2eb9c973b59db5bd598be2679fae8b80ac4e9cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 04:56:41 GMT
Last-Modified
Mon, 26 Jun 2023 21:27:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
PbT8g/TN4yVEXAIxlb6W9A==
ETag
0x8DB768C368D5766
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
cb881e77-c01e-00f1-4e93-3472e9000000
Cache-Control
max-age=86400
x-ms-version
2009-09-19
Content-Length
485
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-222588210-1
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
29ddef4ca49d2c57b2169e36047602e133c31117a51ada4c584e7564ee2661ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64880
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Dec 2023 04:56:42 GMT
1435_css.min.css
peoplevine.blob.core.windows.net/files/1073/style/ 		349 KB
350 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peoplevine.blob.core.windows.net/files/1073/style/1435_css.min.css
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.153.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ae5fe6d1348fec1450528bdd64251fdd03e7857054bc1f152d71d85523b3f3f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 04:56:41 GMT
Last-Modified
Mon, 26 Jun 2023 21:27:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9nJW4/um+d+VmAy1AG6Wpw==
ETag
0x8DB768C37337504
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
bd2303bb-101e-00bc-7a93-34b40b000000
Cache-Control
max-age=86400
x-ms-version
2009-09-19
Content-Length
357551
bundle.min.js
members.aprespass.ca/scripts/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.aprespass.ca/scripts/bundle.min.js?build=20210301
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5cb71ef74144a122d18eaf7b25f04dbef04caf92deff72a24789b3ee5aabee3b
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
Public-Key-Pins
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/page/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
content-length
22559
x-xss-protection
1; mode=block
public-key-pins
pragma
no-cache
last-modified
Sun, 12 Nov 2023 23:05:39 GMT
etag
"7987fec0bc15da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
-1
34114_page_css.min.css
peoplevine.blob.core.windows.net/files/1073/style/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peoplevine.blob.core.windows.net/files/1073/style/34114_page_css.min.css?cache=202211221203
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.153.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
190a5550e9785ee177526fc7e0a2e7a5f347136b21ff917c807c29a1abdbb1b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 04:56:41 GMT
Last-Modified
Mon, 05 Sep 2022 20:43:17 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
tkmT4ZoV4We+7mBTZuDgAw==
ETag
0x8DA8F7F433EEC77
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
d81060a0-c01e-00fa-2393-346a9d000000
Cache-Control
max-age=86400
x-ms-version
2009-09-19
Content-Length
1241
bootstrap.min.js
storage.peoplevine.com/media/361/portal/assets/bootstrap/4.5.0/js/ 		59 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.peoplevine.com/media/361/portal/assets/bootstrap/4.5.0/js/bootstrap.min.js?build=20210301
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/0763) /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Dec 2023 04:56:41 GMT
content-md5
a+pgw0xdtnlxUGENrNxrzg==
age
35488
x-cache
HIT
content-length
60174
x-ms-lease-status
unlocked
last-modified
Mon, 03 Aug 2020 18:34:42 GMT
server
ECAcc (chd/0763)
etag
0x8D837DBE316BF1C
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
f365e6a3-801e-0075-7f40-3424c1000000
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
apres-pass-blackout.js
peoplevine.blob.core.windows.net/media/1073/js/ 		370 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://peoplevine.blob.core.windows.net/media/1073/js/apres-pass-blackout.js
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.153.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4f59bf9cee21cb2fd9f510abfab25c4cc865634ce4cc878ebd84fa583e81ab3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 04:56:41 GMT
Last-Modified
Mon, 27 Feb 2023 20:20:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Asboi2x4ugkyA1aI0T1T4Q==
ETag
0x8DB190012DA0964
Content-Type
text/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
a4cccdaa-901e-00ad-6493-348310000000
Cache-Control
max-age=86400
x-ms-version
2009-09-19
Content-Length
370
jquery.min.js
storage.peoplevine.com/media/361/portal/assets/jQuery/default/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.peoplevine.com/media/361/portal/assets/jQuery/default/jquery.min.js
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/0716) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Dec 2023 04:56:42 GMT
content-md5
oJ4T7pTVHFJLfipyjH1AOQ==
age
39980
x-cache
HIT
content-length
86927
x-ms-lease-status
unlocked
last-modified
Tue, 16 Feb 2021 16:37:17 GMT
server
ECAcc (chd/0716)
etag
0x8D8D2991FCB53A4
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
21a9af63-601e-0019-6f36-348f12000000
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
css
fonts.googleapis.com/ 		4 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:regular,italic,bold
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/css/bundle.min.css?build=20210301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
60464b92964a4b0559ed134d29a828bb943283a891510cf0df67391b908835c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 04:56:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Dec 2023 04:56:42 GMT
css
fonts.googleapis.com/ 		4 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Mono:400,700
Requested by
Host: control.peoplevine.com
URL: https://control.peoplevine.com/assets-ui-update/css/peoplevine-styles.min.css?build=20210301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
5055162c51d0ee6012603e61c1e3a4274766fd3b75edefc0b7462f017ac0c71f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://control.peoplevine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 04:56:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Dec 2023 04:56:42 GMT
css
fonts.googleapis.com/ 		4 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Mono:400,700);
Requested by
Host: control.peoplevine.com
URL: https://control.peoplevine.com/assets-ui-update/css/shared.min.css?build=20210301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
5055162c51d0ee6012603e61c1e3a4274766fd3b75edefc0b7462f017ac0c71f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://control.peoplevine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 04:56:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Dec 2023 04:56:42 GMT
gtm.js
www.googletagmanager.com/ 		194 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHDLMJN
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
df1f17e2f3830a74f58437e63a0b0ef2012a8e1ee38ae541057a4d3487f7d7fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71296
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Dec 2023 04:56:42 GMT
MuseoSans_700.woff2
gibbonswhistler.com/wp-content/themes/gibbons/fonts/MuseoSans/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gibbonswhistler.com/wp-content/themes/gibbons/fonts/MuseoSans/MuseoSans_700.woff2
Requested by
Host: peoplevine.blob.core.windows.net
URL: https://peoplevine.blob.core.windows.net/files/1073/style/1435_css.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
1613f9734db63b9c5c539a6f0269067689cd7086da5035794a1ea415789a9f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://peoplevine.blob.core.windows.net/
Origin
https://members.aprespass.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fw-static
YES
date
Fri, 22 Dec 2023 04:56:42 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS, HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-yyz4562-YYZ, cache-yyz4553-YYZ
x-fw-type
VISIT
content-length
18360
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Dec 2021 23:45:27 GMT
server
Flywheel/5.1.0
x-timer
S1703221002.327284,VS0,VE2
etag
"61c8fe97-47b8"
x-fw-hash
3drum8z5xx
x-fw-version
5.0.0
content-type
application/octet-stream
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
vary
Authorization
accept-ranges
bytes
x-cache-hits
0, 1
MuseoSans_500.woff2
gibbonswhistler.com/wp-content/themes/gibbons/fonts/MuseoSans/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gibbonswhistler.com/wp-content/themes/gibbons/fonts/MuseoSans/MuseoSans_500.woff2
Requested by
Host: peoplevine.blob.core.windows.net
URL: https://peoplevine.blob.core.windows.net/files/1073/style/1435_css.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
e2f1d313563bd57648065ec08b09be8c99a0fc83f515e0cd330f1e104e88d13d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://peoplevine.blob.core.windows.net/
Origin
https://members.aprespass.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fw-static
YES
date
Fri, 22 Dec 2023 04:56:42 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS, HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-yyz4578-YYZ, cache-yyz4553-YYZ
x-fw-type
VISIT
content-length
18232
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Dec 2021 23:44:27 GMT
server
Flywheel/5.1.0
x-timer
S1703221002.327275,VS0,VE3
etag
"61c8fe5b-4738"
x-fw-hash
3drum8z5xx
x-fw-version
5.0.0
content-type
application/octet-stream
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
vary
Authorization
accept-ranges
bytes
x-cache-hits
0, 1
Logos_New-copy-32-1.png
peoplevine.blob.core.windows.net/media/1073/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peoplevine.blob.core.windows.net/media/1073/Logos_New-copy-32-1.png
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.153.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
143a1f4be7dcde066d98045f77d517b36c0711b7fbed20c51652995b28634f68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 04:56:41 GMT
Last-Modified
Tue, 22 Mar 2022 23:10:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
oG56lRDKvK/WZt+bI6s9UQ==
ETag
0x8DA0C59301A967B
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
bd2303ca-101e-00bc-0693-34b40b000000
Cache-Control
max-age=86400
x-ms-version
2009-09-19
Content-Length
53925
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin
https://members.aprespass.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
111016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78472
last-modified
Wed, 13 Jan 2021 22:29:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7432-13288"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=694CfcSC%2FpEjQ1lfXkFw2DTv5hi455UQHYwdVNQwUTwg8ewSDgaSevo2b60DD5QKTC6jLFYbEd0YLAJe8MvT3nnXYoLuJsMjquKqEZzSEHFQCcw2rRM7UDqXqVw6EkYBlQrZYjSN"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8395c7a0799f3703-YYZ
expires
Wed, 11 Dec 2024 04:56:42 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-222588210-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 04:32:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1439
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 22 Dec 2023 06:32:43 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q5L18QHVW9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHDLMJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
948f61b9df742d494f3249577e3e9f4bfc32083bc345a4e37704a39917072844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85472
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Dec 2023 04:56:42 GMT
ctgxnktg7g
www.clarity.ms/tag/ 		1018 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ctgxnktg7g?ref=gtm2
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca2efc3619b4ceef103e5f85b21b14c025ce5dbe30968412be38cc7334e8466e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
-1
date
Fri, 22 Dec 2023 04:56:42 GMT
x-azure-ref
20231222T045642Z-d8as64v72p5qx8na7ncfxmmca800000005z000000000a9hf
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1018
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
widget.js
connect.podium.com/ 		665 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/widget.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHDLMJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-206-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d85bc3fbbd4a389a2ba6820a72f8f5ed47c05c80a67b4701da1c3c821d4067aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:29:33 GMT
content-encoding
gzip
via
1.1 ce03dab0723e1a81658675d5bdaf168c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 01:29:30 GMT
server
AmazonS3
x-amz-cf-pop
LAX50-P5
age
1630
etag
"820f66b2aeb9877285b9494c0602824e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
191757
x-amz-cf-id
XZPE_az4ECC1c4yXpPk2B7z9sJbtnBfty6OISsblIB1yVfB9i-TFcQ==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Dec 2023 04:56:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
SC2phNWc64sPX/ulYFy3JZ4OxcIb/ZjjCmyA5igqVKYx3j5mH8dryp/4mSA021mfRZ834dVa0Fam/gB0cSc7IQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
174 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Q5L18QHVW9&gtm=45je3bt0v871341310z8889175199&_p=1703221002245&gcd=11l1l1l1l1&dma=0&cid=1578989579.1703221003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703221002&sct=1&seg=0&dl=https%3A%2F%2Fmembers.aprespass.ca%2Fpage%2Flogin&dt=Login%20to%20the%20Membership%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2063
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q5L18QHVW9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 04:56:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://members.aprespass.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=892347112&t=pageview&_s=1&dl=https%3A%2F%2Fmembers.aprespass.ca%2Fpage%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20the%20Membership%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=165948231&gjid=1892787607&cid=1578989579.1703221003&tid=UA-222588210-1&_gid=464370188.1703221003&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1121650748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 04:56:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://members.aprespass.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=892347112&t=pageview&_s=1&dl=https%3A%2F%2Fmembers.aprespass.ca%2Fpage%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20the%20Membership%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1331116474&gjid=214318506&cid=1578989579.1703221003&tid=UA-222588210-1&_gid=464370188.1703221003&_r=1&_slc=1&gtm=45He3bt0n81NHDLMJNv889175199&gcd=11l1l1l1l1&dma=0&z=646590333
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 04:56:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://members.aprespass.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ctgxnktg7g?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
content-encoding
br
last-modified
Wed, 13 Dec 2023 19:57:52 GMT
etag
W/"0x8DBFC15CAB825ED"
vary
Accept-Encoding
x-azure-ref
20231222T045642Z-d8as64v72p5qx8na7ncfxmmca800000005z000000000a9hh
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8aa8fff9-f01e-0020-5fc4-30557c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=892347112&t=event&ni=1&_s=2&dl=https%3A%2F%2Fmembers.aprespass.ca%2Fpage%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20the%20Membership%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1r5c2yu&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1578989579.1703221003&tid=UA-222588210-1&_gid=464370188.1703221003&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fctgxnktg7g%2F1l78vbc%2F1r5c2yu&z=474859628
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 02:12:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9827
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
592885532606877
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/592885532606877?v=2.9.138&r=stable&domain=members.aprespass.ca
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
68e4a9c70eb7752383a7deccedef50261f02bd2ce1e17292d47d6ed8fffdb0ae
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Dec 2023 04:56:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
CSFh422PCAeLQivMlq3gwySCxL9OSDkI2xNlcejV0vJLyrzUdr6vKpEZJ52PIBOSqf9FnM/nUEXj0Y7pcyZu6Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
l.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://members.aprespass.ca
Date
Fri, 22 Dec 2023 04:56:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
vardata
lab.analyticspodium.com/sdk/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lab.analyticspodium.com/sdk/vardata
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.180.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-180-221.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f2c789f4d4f48d2115ef57ec27b8e838bc12d7604d0323a4678e21307f425be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
Authorization
Api-Key client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjMiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMjAiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwiZGV2aWNlX2lkIjoiYjg0NGZkNzEtZGE2NC00YWQ5LWIzZjctZTlhZmZkMTdlMmJmIiwidXNlcl9wcm9wZXJ0aWVzIjp7fX0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:56:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
5121
apigw-requestid
QVCJ0j_XvHcEP4Q=
x-served-by
cache-bfi-krnt7300117-BFI
x-timer
S1703221003.325167,VS0,VE44
x-amzn-trace-id
Self=1-6585170b-3dd1adf779a3eead2896e3d3;Root=1-6585170b-5b596a7c5842d86816279c0f
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://members.aprespass.ca
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
vardata
lab.analyticspodium.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lab.analyticspodium.com/sdk/vardata
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.180.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-180-221.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://members.aprespass.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://members.aprespass.ca
access-control-max-age
1800
age
1441
apigw-requestid
QVCJzhvkvHcEPFw=
cache-control
no-store
content-length
0
date
Fri, 22 Dec 2023 04:56:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Self=1-6585116a-1c0a8d9238f777885c376faa;Root=1-6585116a-422af5e53db1045a7ea5a049
x-cache
HIT
x-cache-hits
803
x-content-type-options
nosniff
x-served-by
cache-bfi-kbfi7400100-BFI
x-timer
S1703221003.228688,VS0,VE0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=592885532606877&ev=PageView&dl=https%3A%2F%2Fmembers.aprespass.ca%2Fpage%2Flogin&rl=&if=false&ts=1703221003002&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703221003000.1560034217&ler=empty&it=1703221002782&coo=false&rqm=GET
Requested by
Host: members.aprespass.ca
URL: https://members.aprespass.ca/page/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-mty2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Dec 2023 04:56:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
graphql
mind-flayer.podium.com/ 		60 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
3741ed1f5788054b880d9b5831fec4f0fdb4cca16d8257fe016c90d6742b81c4

Request headers

Accept
application/json
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 04:56:43 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
x-robots-tag
noindex
Content-Length
60
x-request-id
F6MOeoL_6AOaf5AHwpdy
graphql
mind-flayer.podium.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://members.aprespass.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
date
Fri, 22 Dec 2023 04:56:43 GMT
server
Cowboy
vary
origin
x-request-id
F6MOen2h2EFaCjcHrkLi
x-robots-tag
noindex
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&RedC=c.clarity.ms&MXFR=0F72973A3F74669C0B5684D53B7468DF
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&MUID=10EC557E6E946A1D06AA46916FBE6BFF
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&MUID=10EC557E6E946A1D06AA46916FBE6BFF
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 04:56:43 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 04:56:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9682B14CB9644373AB38904ED09C89EC Ref B: YTO01EDGE0821 Ref C: 2023-12-22T04:56:43Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&MUID=10EC557E6E946A1D06AA46916FBE6BFF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
graphql
mind-flayer.podium.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
1ff65b5735b5585371479d0f182b0ac46ac8662ad88a874a7ce4c282631e395f

Request headers

Accept
application/json
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 04:56:42 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
x-robots-tag
noindex
Content-Length
1551
x-request-id
F6MOeo4V4LoW90QFZ3Xh
graphql
mind-flayer.podium.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://members.aprespass.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
date
Fri, 22 Dec 2023 04:56:43 GMT
server
Cowboy
vary
origin
x-request-id
F6MOeoi9hWCMbA8HEDKS
x-robots-tag
noindex
graphql
mind-flayer.podium.com/ 		38 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Accept
application/json
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 04:56:43 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
x-robots-tag
noindex
Content-Length
38
x-request-id
F6MOeqC257X1qeEFXKzB
graphql
mind-flayer.podium.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://members.aprespass.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
date
Fri, 22 Dec 2023 04:56:43 GMT
server
Cowboy
vary
origin
x-request-id
F6MOepYFxrFtTNgH25Oh
x-robots-tag
noindex
styles.css
connect.podium.com/ Frame 7BA3 		64 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/styles.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-206-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:29:33 GMT
content-encoding
gzip
via
1.1 ce03dab0723e1a81658675d5bdaf168c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 01:29:30 GMT
server
AmazonS3
x-amz-cf-pop
LAX50-P5
age
1631
etag
"c1fa1977d66b8bebcb22901457400a35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
content-length
10003
x-amz-cf-id
1ybjO0m3E5UWYosAsnOpe1dlXlo8PlI8UpOuDK0fyCnAgS73Vuhklw==
graphql
mind-flayer.podium.com/ 		38 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Accept
application/json
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 04:56:43 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
x-robots-tag
noindex
Content-Length
38
x-request-id
F6MOeqF0UPeUu_wGjOMx
graphql
mind-flayer.podium.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://members.aprespass.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
date
Fri, 22 Dec 2023 04:56:43 GMT
server
Cowboy
vary
origin
x-request-id
F6MOeptf3SbEWOAGC59y
x-robots-tag
noindex
d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame 7BA3 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-206-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

Referer
https://connect.podium.com/styles.css
Origin
https://members.aprespass.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:30:18 GMT
via
1.1 1d7ed53a70523e576bff9c3bcb5eea38.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-P5
age
12387
x-cache
Hit from cloudfront
content-length
34640
last-modified
Fri, 22 Dec 2023 01:29:29 GMT
server
AmazonS3
etag
"1d077eb2f892e7f968f043b40b6ae557"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers
x-amz-cf-id
b9MT-8MoqUzQ6MJltUXHV-_YLSjx_Gjpi8EwVBssVtWxfcyyUMF0cg==
434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame 7BA3 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-206-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Referer
https://connect.podium.com/styles.css
Origin
https://members.aprespass.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:30:18 GMT
via
1.1 1d7ed53a70523e576bff9c3bcb5eea38.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-P5
age
12387
x-cache
Hit from cloudfront
content-length
30548
last-modified
Fri, 22 Dec 2023 01:29:29 GMT
server
AmazonS3
etag
"c28f8beb02447597a13d138680f42e65"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers
x-amz-cf-id
xH2d0EfVcK2bvB0YaiOTTeOmUT9Yn09S4rCiRS_hL-MDWeIdTHQF-g==
collect
l.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://members.aprespass.ca
Date
Fri, 22 Dec 2023 04:56:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
httpapi
api2.analyticspodium.com/2/ 		94 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.analyticspodium.com/2/httpapi
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.177.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-177-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2e15b8e7affc22e36107779b5d1f2ef7cedf0da9cb2d022ab993d0c41c17e5b9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 04:56:44 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
trace-id
Self=1-6585170c-691722927703e54f7fba9871;Root=1-6585170c-13e08e8d5542a6a249752435
content-length
94
apigw-requestid
QVCJ-hcePHcEJ5Q=
httpapi
api2.analyticspodium.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.analyticspodium.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.177.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-177-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://members.aprespass.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
apigw-requestid
QVCJ9jJiPHcEJ1A=
content-length
0
date
Fri, 22 Dec 2023 04:56:44 GMT
strict-transport-security
max-age=15768000
graphql
mind-flayer.podium.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://members.aprespass.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
date
Fri, 22 Dec 2023 04:56:45 GMT
server
Cowboy
vary
origin
x-request-id
F6MOewyvt44EQDUH2_MB
x-robots-tag
noindex
graphql
mind-flayer.podium.com/ 		38 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.152.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-152-84.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Accept
application/json
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 04:56:44 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://members.aprespass.ca
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
x-robots-tag
noindex
Content-Length
38
x-request-id
F6MOexILXFejc1MGJXYS
styles.css
connect.podium.com/ Frame D15E 		64 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/styles.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-206-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:29:33 GMT
content-encoding
gzip
via
1.1 ce03dab0723e1a81658675d5bdaf168c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 01:29:30 GMT
server
AmazonS3
x-amz-cf-pop
LAX50-P5
age
1633
etag
"c1fa1977d66b8bebcb22901457400a35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
content-length
10003
x-amz-cf-id
YWjhv1Gd0IXz7pftWJchiOigqVZIuZQ5b7iZ2DpMuWnxmEHhNxIV2A==
defaultWebchatPinkAvatar.png
assets.podium.com/images/ Frame D15E 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.podium.com/images/defaultWebchatPinkAvatar.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-24.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb03359b5f8b6d2b2056dc684bbd8f664718c126abdbb1fd59808c9bca000c37

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
EpIAa.1FDiRxQF3e9Rp.lY7y4w3FHVlc
date
Fri, 22 Dec 2023 04:55:56 GMT
via
1.1 7b32163caf7e91fe96df7bbeaa58c0f8.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 15:06:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C1
age
50
etag
"a7044c5ad0c2d26c58a0b68b3b4baa21"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
39499
x-amz-cf-id
avKZsqrA2xtE7OBhhOjYU63aB9hjnDhZIMBpf-tvPsQXZw2kBCI08A==
d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame D15E 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-206-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

Referer
https://connect.podium.com/styles.css
Origin
https://members.aprespass.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:30:18 GMT
via
1.1 1d7ed53a70523e576bff9c3bcb5eea38.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-P5
age
12388
x-cache
Hit from cloudfront
content-length
34640
last-modified
Fri, 22 Dec 2023 01:29:29 GMT
server
AmazonS3
etag
"1d077eb2f892e7f968f043b40b6ae557"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers
x-amz-cf-id
KoR1AP5bgPe5JkKzYzszK43BsdMooX8irQ6tLsXhm9w0OGK5UZx4KA==
434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame D15E 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-206-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Referer
https://connect.podium.com/styles.css
Origin
https://members.aprespass.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:30:18 GMT
via
1.1 1d7ed53a70523e576bff9c3bcb5eea38.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-P5
age
12388
x-cache
Hit from cloudfront
content-length
30548
last-modified
Fri, 22 Dec 2023 01:29:29 GMT
server
AmazonS3
etag
"c28f8beb02447597a13d138680f42e65"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers
x-amz-cf-id
Nad7rP9VJXegJ_T-orI2fz1oRxX72dqc_WINAlrbIj-9XHBgjUfqJw==
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Q5L18QHVW9&gtm=45je3bt0v871341310&_p=1703221002245&gcd=11l1l1l1l1&dma=0&cid=1578989579.1703221003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703221002&sct=1&seg=0&dl=https%3A%2F%2Fmembers.aprespass.ca%2Fpage%2Flogin&dt=Login%20to%20the%20Membership%20Portal&en=scroll&epn.percent_scrolled=90&_et=6&tfd=7073
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q5L18QHVW9&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://members.aprespass.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 04:56:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://members.aprespass.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
l.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://members.aprespass.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://members.aprespass.ca
Date
Fri, 22 Dec 2023 04:56:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| userData object| siteData string| curPath object| curObj object| curQ object| vars object| company function| $ function| jQuery object| dataLayer function| gtag function| returnSocialShareBlock function| logActivity function| calculateShipping function| payWithPoints function| returnProduct function| returnTime function| digits function| currency function| percent function| addDays function| setActive function| toDate function| toMMDDYYYY function| datetime function| today function| fixed function| returnCartSubTotal function| returnCartTotalItems function| getCookie function| getCookieValue function| setCookie function| createCookie function| readCookie function| eraseCookie function| getQuery function| setTimezoneCookie function| loadTranslations function| loopThroughTranslations function| setContentValue function| requestData function| doAjax function| copyURL function| imgError function| isNumericInput function| isModifierKey function| enforceFormat function| formatToPhone function| loadBusinessToolPageCreate function| pageTypeChanged function| loadBusinessToolSurveyView function| surveyNotes function| applicationStatusChanged function| surveyStatusChanged object| userExit object| monthNames object| dayNames function| HAPIform function| DatepickerHelper function| CustomFileInput object| v function| pvReady object| pvAlert object| user object| SETTINGS object| bootstrap object| selectOption object| myApp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| webpackChunkdemogorgon object| regeneratorRuntime object| env boolean| podiumWebsiteWidgetLoaded object| analyticsConnectorInstances object| PodiumWebChat

29 Cookies

Domain/Path Name / Value
members.aprespass.ca/ Name: ASP.NET_SessionId
Value: vcvk4v1e2mcl2nxfnueprxau
members.aprespass.ca/ Name: cartInfo
Value: session_id=NjNhZjc2YWMtNmU0MC00MTNjLTgzNDYtMDA2Mzk2ZGJhYTUy
members.aprespass.ca/ Name: domain
Value: domain=eyJjb25maWciOiIiLCJtZW1iZXJfcGFnZV9zdHlsZV9ubyI6MTQ4OCwiYXV0aGVudGljYXRlZF9wYWdlX3N0eWxlX25vIjotMSwicGF5bWVudF9wcm9jZXNzb3Jfbm8iOjAsInBhZ2Vfc3R5bGVfbm8iOi0xLCJwYXNzd29yZF9wcm90ZWN0ZWQiOiJOIiwiZGVmYXVsdF91cmwiOiJZIiwicmVmZXJlbmNlX3R5cGUiOiJnZW5lcmFsIiwicmVmZXJlbmNlX25vIjotOSwiZG9tYWluX3R5cGUiOiJwb3J0YWwiLCJpbmNsdWRlU2V0dGluZ3MiOltdLCJkb21haW5fbm8iOjExODUxLCJkb21haW5fbmFtZSI6Im1lbWJlcnMuYXByZXNwYXNzLmNhIiwiYWxsb3dfc3NsIjoiWSIsImNvbXBhbnlfbm8iOjEwNzN9&lastUpdated=202312220456
.members.aprespass.ca/ Name: ARRAffinity
Value: 57e549ae065cc3e8c700120416d97756a80309fed8a45de812bfbd42c2cda496
members.aprespass.ca/ Name: data
Value: domainStyle=ZmFsc2U=&activityTracking=VHJ1ZQ==&last_page=&prev_page=Lw==
members.aprespass.ca/ Name: locale
Value: currency=Q0FE&label-state=Region&label-city=City&label-address2=Apt&label-zip_code=Postal Code&label-ach_routing=Routing Number/Sort Code&placeholder-ach_routing=Enter 9 digits&disabled-state=false
members.aprespass.ca/ Name: companyMain
Value: serial=eyJjb21wYW55X21hcCI6Imh0dHBzOi8vcGVvcGxldmluZS5ibG9iLmNvcmUud2luZG93cy5uZXQvbWVkaWEvMTA3My9jb21wYW55LzEwNzMvbWFwL21hcF9wYXRoXzEwNzMucG5nIiwiZW5hYmxlXzJmYSI6dHJ1ZSwiYWRkaXRpb25hbF9saW5lIjoiIiwidXJscyI6W3sia2V5IjoibWVtYmVyX2NoZWNraW5fcXIiLCJ2YWx1ZSI6Imh0dHBzOi8vbWVtYmVycy5hcHJlc3Bhc3MuY2EvbWVtYmVyL2NoZWNraW4vcXIifSx7ImtleSI6Imd1ZXN0X2NoZWNraW5fcXIiLCJ2YWx1ZSI6Imh0dHBzOi8vbWVtYmVycy5hcHJlc3Bhc3MuY2EvZ3Vlc3QvY2hlY2tpbi9xciJ9LHsia2V5IjoibWVtYmVyX2NoZWNraW4iLCJ2YWx1ZSI6Imh0dHBzOi8vbWVtYmVycy5hcHJlc3Bhc3MuY2EvbWVtYmVyL2NoZWNraW4ifSx7ImtleSI6Imd1ZXN0X2NoZWNraW4iLCJ2YWx1ZSI6Imh0dHBzOi8vbWVtYmVycy5hcHJlc3Bhc3MuY2EvZ3Vlc3QvY2hlY2tpbiJ9XSwiZ2VuX3ZlcnNpb24iOjMsInVwZGF0ZUZpZWxkcyI6IiIsImVuYWJsZUFjdGl2aXR5VHJhY2tpbmciOnRydWUsImF1dGhzIjpbXSwicGFyZW50X2NvbXBhbnlfbm8iOjAsImRvbWFpbl9uYW1lIjoibWVtYmVycy5hcHJlc3Bhc3MuY2EiLCJ0aW1lem9uZV9pZCI6IlBhY2lmaWMgU3RhbmRhcmQgVGltZSIsInRpbWV6b25lX29mZnNldCI6LTgsInNldHRpbmdzIjpbXSwic3Vic2NyaXB0aW9uX25vIjoxMzE4NDgsImN1c3RvbWVyX25vIjoyNDY3MTQ5LCJjb21wYW55X2xvZ29fYnl0ZSI6bnVsbCwiY29tcGFueV9pY29uX2J5dGUiOm51bGwsInVzZXJfbm8iOjMwMCwiY29tcGFueV9ubyI6MTA3MywiZm9yZWdyb3VuZGNvbG9yIjoiMDAwMDAwIiwiYmFja2dyb3VuZGNvbG9yIjoiRkZGRkZGIiwiY29tcGFueV9uYW1lIjoiQXByw6hzIFBhc3MiLCJjb21wYW55X2xvZ28iOiJodHRwczovL3Blb3BsZXZpbmUuYmxvYi5jb3JlLndpbmRvd3MubmV0L2NvbXBhbnkvMTA3My9jb21wYW55L2xvZ28ucG5nIiwiY29tcGFueV9pY29uIjoiaHR0cHM6Ly9wZW9wbGV2aW5lLmJsb2IuY29yZS53aW5kb3dzLm5ldC9jb21wYW55LzEwNzMvY29tcGFueS9pY29uLnBuZyIsImNvbXBhbnlfYmlvIjoiIiwid2ViX3NpdGUiOiJodHRwczovL2FwcmVzcGFzcy5jYSIsImNvbXBhbnlfZW1haWwiOiJpbmZvQGFwcmVzcGFzcy5jYSIsImNvbXBhbnlfcGhvbmUiOiI4ODg4MjM3OTMyIiwiYWRkcmVzcyI6IjQyOTMgTW91bnRhaW4gU3F1YXJlIiwiYWRkcmVzczIiOiJTdWl0ZSAyMTEiLCJjaXR5IjoiV2hpc3RsZXIiLCJzdGF0ZSI6IkJDIiwiemlwX2NvZGUiOiJWOEUgMUI4IiwiY291bnRyeSI6IkNBIiwiZmFjZWJvb2tfdXJsIjoiaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2FwcmVzLnBhc3MiLCJnb29nbGVfdXJsIjoiIiwidHdpdHRlcl9oYW5kbGUiOiIiLCJjcmVhdGVkX29uIjoiXC9EYXRlKDE2MDE2NzMxMDkwMjcpXC8ifQ==
members.aprespass.ca/ Name: pageStyle
Value: page_style_no=MTQzNQ==&jq=default&bs=4.5.0&fa=&v=width%3Ddevice-width%2C%20initial-scale%3D1.0&pt=&mk=&md=&fv=https%3A%2F%2Fpeoplevine.blob.core.windows.net%2Ffiles%2F1073%2Ffavicon%2FFavicon-31.png&hs=False&mo=202306262127
members.aprespass.ca/ Name: settings
Value: payment_processor_no=MA==
.control.peoplevine.com/ Name: ARRAffinitySameSite
Value: 052b94cc4103b1e78b547575b3eba34f9549b35c335180840236ab0615424ce8
members.aprespass.ca/ Name: timezoneoffset
Value: 480
.aprespass.ca/ Name: _ga_Q5L18QHVW9
Value: GS1.1.1703221002.1.0.1703221002.0.0.0
.aprespass.ca/ Name: _ga
Value: GA1.2.1578989579.1703221003
.aprespass.ca/ Name: _gid
Value: GA1.2.464370188.1703221003
.aprespass.ca/ Name: _gat_gtag_UA_222588210_1
Value: 1
.aprespass.ca/ Name: _gat_UA-222588210-1
Value: 1
www.clarity.ms/ Name: CLID
Value: 81309a755006404dab9e0e811210bd53.20231222.20241221
.aprespass.ca/ Name: _clck
Value: 1l78vbc%7C2%7Cfhr%7C0%7C1451
.aprespass.ca/ Name: _clsk
Value: 1r5c2yu%7C1703221002956%7C1%7C1%7Cl.clarity.ms%2Fcollect
.aprespass.ca/ Name: AMP_MKTG_16a5c84b5b
Value: JTdCJTdE
.aprespass.ca/ Name: AMP_16a5c84b5b
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJiODQ0ZmQ3MS1kYTY0LTRhZDktYjNmNy1lOWFmZmQxN2UyYmYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzAzMjIxMDAyOTc4JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcwMzIyMTAwMjk5MSU3RA==
.aprespass.ca/ Name: _fbp
Value: fb.1.1703221003000.1560034217
.bing.com/ Name: MUID
Value: 10EC557E6E946A1D06AA46916FBE6BFF
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 10EC557E6E946A1D06AA46916FBE6BFF
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 10EC557E6E946A1D06AA46916FBE6BFF
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

2 Console Messages

Source Level URL
Text
javascript warning URL: https://members.aprespass.ca/page/login(Line 12)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://storage.peoplevine.com/media/361/portal/assets/jQuery/default/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://members.aprespass.ca/page/login(Line 12)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://storage.peoplevine.com/media/361/portal/assets/jQuery/default/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self';
Public-Key-Pins
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.analyticspodium.com
assets.podium.com
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
connect.facebook.net
connect.podium.com
control.peoplevine.com
fonts.googleapis.com
gibbonswhistler.com
l.clarity.ms
lab.analyticspodium.com
members.aprespass.ca
mind-flayer.podium.com
peoplevine.blob.core.windows.net
storage.peoplevine.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.17.24.14
13.107.213.38
13.249.39.24
142.251.16.97
142.251.163.95
151.101.2.159
152.195.19.97
157.240.244.1
157.240.244.35
168.62.224.13
18.154.206.27
20.120.65.166
20.125.209.212
20.40.202.12
204.79.197.200
216.239.34.178
35.167.177.33
44.229.152.84
52.239.153.4
54.244.180.221
143a1f4be7dcde066d98045f77d517b36c0711b7fbed20c51652995b28634f68
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1613f9734db63b9c5c539a6f0269067689cd7086da5035794a1ea415789a9f72
190a5550e9785ee177526fc7e0a2e7a5f347136b21ff917c807c29a1abdbb1b1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62
1ff65b5735b5585371479d0f182b0ac46ac8662ad88a874a7ce4c282631e395f
29ddef4ca49d2c57b2169e36047602e133c31117a51ada4c584e7564ee2661ce
2e15b8e7affc22e36107779b5d1f2ef7cedf0da9cb2d022ab993d0c41c17e5b9
2f97a5d23b7e9c9506990d320194701d4ba9ffdc60bdf079bfbcf7018d1b6f2f
309499d9289bfc7f8ab25c86e4b7377eb18988dc8864d1b857063237f86f6ccb
3191923a61403986f9070df684f8f9f3d451f782e5fbb02f20d9ed518cd780ee
3741ed1f5788054b880d9b5831fec4f0fdb4cca16d8257fe016c90d6742b81c4
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
5055162c51d0ee6012603e61c1e3a4274766fd3b75edefc0b7462f017ac0c71f
5cb71ef74144a122d18eaf7b25f04dbef04caf92deff72a24789b3ee5aabee3b
5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a
60464b92964a4b0559ed134d29a828bb943283a891510cf0df67391b908835c2
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
68e4a9c70eb7752383a7deccedef50261f02bd2ce1e17292d47d6ed8fffdb0ae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
791984c37c91bba9f4b1f1edd880391fc269af0616451bb834fd25defe658c45
7a4fb22778f4aa17c61f4d9a83fff238bf20ca02711a0ff44bdb0d57fce1182c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76
948f61b9df742d494f3249577e3e9f4bfc32083bc345a4e37704a39917072844
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ed82c10d295bf4793cb1720a2eb9c973b59db5bd598be2679fae8b80ac4e9cf
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0
ae5fe6d1348fec1450528bdd64251fdd03e7857054bc1f152d71d85523b3f3f5
bb03359b5f8b6d2b2056dc684bbd8f664718c126abdbb1fd59808c9bca000c37
ca2efc3619b4ceef103e5f85b21b14c025ce5dbe30968412be38cc7334e8466e
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d85bc3fbbd4a389a2ba6820a72f8f5ed47c05c80a67b4701da1c3c821d4067aa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1f17e2f3830a74f58437e63a0b0ef2012a8e1ee38ae541057a4d3487f7d7fd
e2f1d313563bd57648065ec08b09be8c99a0fc83f515e0cd330f1e104e88d13d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f59bf9cee21cb2fd9f510abfab25c4cc865634ce4cc878ebd84fa583e81ab3
ed14a11b075ce49fd1f08617afbe12b18edf1eaa8e98af4ab701703d0405c8e5
f2c789f4d4f48d2115ef57ec27b8e838bc12d7604d0323a4678e21307f425be5