elephantapple.ca Open in urlscan Pro
35.208.69.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://elephantapple.ca/
Submission: On February 16 via automatic, source certstream-suspicious (February 16th 2023, 7:57:40 pm UTC) — Scanned from CA

Summary HTTP 85 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 14 domains to perform 85 HTTP transactions. The main IP is 35.208.69.114, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is elephantapple.ca.
TLS certificate: Issued by R3 on February 16th 2023. Valid for: 3 months.

This is the only time elephantapple.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	35.208.69.114 35.208.69.114	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1 11	35.174.147.130 35.174.147.130	14618 (AMAZON-AES) (AMAZON-AES)
6	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
3	13.35.93.43 13.35.93.43	16509 (AMAZON-02) (AMAZON-02)
2	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
1	18.238.4.21 18.238.4.21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:210b:a00:13:4005:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	54.159.23.63 54.159.23.63	14618 (AMAZON-AES) (AMAZON-AES)
1	18.160.48.68 18.160.48.68	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	3.232.92.28 3.232.92.28	14618 (AMAZON-AES) (AMAZON-AES)
1	44.240.18.98 44.240.18.98	16509 (AMAZON-02) (AMAZON-02)
85	19

39 35.208.69.114 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 114.69.208.35.bc.googleusercontent.com

elephantapple.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.174.147.130 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-147-130.compute-1.amazonaws.com

541922.17hats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:821::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.93.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-43.jfk50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-21.phl51.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:a00:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.23.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-23-63.compute-1.amazonaws.com

i.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.48.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-48-68.iad55.r.cloudfront.net

scripts.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.92.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-92-28.compute-1.amazonaws.com

trk.kissmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.18.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-18-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	elephantapple.ca elephantapple.ca	36 MB
11	17hats.com 1 redirects 541922.17hats.com	884 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	447 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1024 q.stripe.com — Cisco Umbrella Rank: 6876 m.stripe.com — Cisco Umbrella Rank: 1033	110 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	24 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1149	17 KB
2	kissmetrics.com i.kissmetrics.com — Cisco Umbrella Rank: 40236 scripts.kissmetrics.com — Cisco Umbrella Rank: 32097	12 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2454 t.paypal.com — Cisco Umbrella Rank: 3163	6 KB
1	kissmetrics.io trk.kissmetrics.io — Cisco Umbrella Rank: 31383	376 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	squarecdn.com web.squarecdn.com — Cisco Umbrella Rank: 27871	104 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15402	41 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2241	235 KB
85	14

	Domain	Requested by
39	elephantapple.ca	elephantapple.ca
11	541922.17hats.com	1 redirects elephantapple.ca 541922.17hats.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	q.stripe.com	elephantapple.ca
3	www.google.com	541922.17hats.com www.gstatic.com
3	js.stripe.com	541922.17hats.com js.stripe.com
3	fonts.googleapis.com	elephantapple.ca 541922.17hats.com
2	m.stripe.network	js.stripe.com m.stripe.network
1	m.stripe.com	m.stripe.network
1	trk.kissmetrics.io	scripts.kissmetrics.com
1	t.paypal.com	541922.17hats.com
1	scripts.kissmetrics.com	541922.17hats.com
1	i.kissmetrics.com	541922.17hats.com
1	www.google-analytics.com	541922.17hats.com
1	www.paypal.com	www.paypalobjects.com
1	web.squarecdn.com	541922.17hats.com
1	cdn.plaid.com	541922.17hats.com
1	www.paypalobjects.com	541922.17hats.com
85	19

This site contains links to these domains. Also see Links.

Domain
www.pdiconstruction.ca
www.clubdzign.com
www.timhortons.com

Subject Issuer	Validity	Valid
*.elephantapple.ca R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
17hats.com Amazon	`2022-04-22` - `2023-05-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
web.squarecdn.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.kissmetrics.io Sectigo RSA Domain Validation Secure Server CA	`2022-07-14` - `2023-07-15`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://elephantapple.ca/
Frame ID: 72117A08ED704DCABAB1CA1C6FAABA6B
Requests: 55 HTTP requests in this frame

Frame: https://541922.17hats.com/p
Frame ID: C75BBB1ECB517EB34A9858C4F0C0FEA1
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 7CB6E6E703CC266FB4403E35362FB075
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 07B5366266ABE48919988AA846C8C845
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly81NDE5MjIuMTdoYXRzLmNvbTo0NDM.&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=ro9cjpxhed3e
Frame ID: E4678183AA661464356956701BB30184
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ELEPHANTapple | Toronto Creative Agency | Digital Media Marketing

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

85
Requests

98 %
HTTPS

33 %
IPv6

14
Domains

19
Subdomains

19
IPs

1
Countries

39116 kB
Transfer

46064 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.pdiconstruction.ca/
Title: www.pdiconstruction.ca

Search URL Search Domain Scan URL

URL: http://www.clubdzign.com/
Title: www.clubdzign.com

Search URL Search Domain Scan URL

URL: http://www.timhortons.com/
Title: www.timhortons.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://541922.17hats.com/embed/lead/form/vxrgnbzgsxtgccgcfvgnxxthtdfwkfdn HTTP 301
https://541922.17hats.com/p

85 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
elephantapple.ca/ 45 KB
10 KB 469ms
77ms Document
text/html 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9f550de94b54f2eda723cabafb41fc51029a40f7f66b469ca21a3be3f7ca91dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 19:57:25 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://elephantapple.ca/wp-json/>; rel="https://api.w.org/", <https://elephantapple.ca/wp-json/wp/v2/pages/28397>; rel="alternate"; type="application/json", <https://elephantapple.ca/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-httpd: 1
x-proxy-cache: HIT

GET
H2 200 style.min.css
elephantapple.ca/wp-includes/css/dist/block-library/ 93 KB
11 KB 58ms
54ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Wed, 16 Nov 2022 16:18:53 GMT
server: nginx
etag: W/"63750d6d-172a9"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 classic-themes.min.css
elephantapple.ca/wp-includes/css/ 217 B
382 B 65ms
60ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 04 Nov 2022 05:35:34 GMT
server: nginx
etag: W/"6364a4a6-d9"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 styles.css
elephantapple.ca/wp-content/plugins/hwtilt_image/assets/css/ 834 B
546 B 71ms
67ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/plugins/hwtilt_image/assets/css/styles.css?ver=6.1.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4781426ec9465dd2901fb89b17f03e3667475fc6ee221b3bfe5d06abc9444a87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 01 Feb 2019 18:43:38 GMT
server: nginx
etag: W/"5c54935a-342"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 91ms
35ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext

Requested by

Host: elephantapple.ca
URL: https://elephantapple.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 19:08:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 19:57:25 GMT

GET
H2 200 style.css
elephantapple.ca/wp-content/themes/Divi/ 647 KB
57 KB 96ms
92ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/themes/Divi/style.css?ver=3.19.10
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2b300b25b39453d87e8fbec461341dc2708614f58ce68a4f5cea23aa1e661a65

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 01 Feb 2019 18:54:33 GMT
server: nginx
etag: W/"5c5495e9-a1bc2"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 97ms
41ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CAbel%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1

Requested by

Host: elephantapple.ca
URL: https://elephantapple.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

485aae7e3558272e44ff68fe9da29b370db04f6ec8d71a0dfc4745c7d4f30c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 19:57:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 19:57:25 GMT

GET
H2 200 dashicons.min.css
elephantapple.ca/wp-includes/css/ 58 KB
35 KB 134ms
130ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 21:45:04 GMT
server: nginx
etag: W/"607a0560-e688"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 main.css
elephantapple.ca/wp-content/plugins/Divi-Ultimate-Header-Plugin/css/ 17 KB
3 KB 135ms
131ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/plugins/Divi-Ultimate-Header-Plugin/css/main.css?ver=2.0.1.3
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3641cda796695075cb6bb748d50bb31337fcd49f631d18d2e711021594643548

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Sun, 03 Feb 2019 02:45:11 GMT
server: nginx
etag: W/"5c5655b7-42f4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 jquery.min.js Show response
elephantapple.ca/wp-includes/js/jquery/ 88 KB
30 KB 136ms
133ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 04 Nov 2022 05:35:34 GMT
server: nginx
etag: W/"6364a4a6-15e54"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 jquery-migrate.min.js Show response
elephantapple.ca/wp-includes/js/jquery/ 11 KB
4 KB 136ms
134ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 01:47:55 GMT
server: nginx
etag: W/"5fd17e4b-2bd8"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 et-core-unified-1675359873536.min.css
elephantapple.ca/wp-content/cache/et/28397/ 21 KB
3 KB 135ms
132ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/cache/et/28397/et-core-unified-1675359873536.min.css
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f1d09a999c5ddc7a64ed455e8ddf3d1eed154729c79a2b37096b73b05c31bedf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 17:44:34 GMT
server: nginx
etag: W/"63dbf682-53c4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 EALOGO.png
elephantapple.ca/wp-content/uploads/2019/02/ 80 KB
81 KB 133ms
125ms Image
image/png 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/EALOGO.png
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f8f68e4042b586e0552c107881143740b3575bda3f3da489ddf62a7454b4165

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Fri, 01 Feb 2019 19:08:16 GMT
server: nginx
etag: "5c549920-140ef"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 82159
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 icon-logo-2.png
elephantapple.ca/wp-content/uploads/2019/02/ 9 KB
9 KB 148ms
140ms Image
image/png 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/icon-logo-2.png
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6226df7fd1a3196259f7f3a488020dedd60cd077ce783971bc2a6bdc3b70fe03

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Sun, 03 Feb 2019 04:11:48 GMT
server: nginx
etag: "5c566a04-22e9"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 8937
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 logo2.png
elephantapple.ca/wp-content/uploads/2019/02/ 49 KB
49 KB 151ms
143ms Image
image/png 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/logo2.png
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e17ba95bf25d002246788f3f88c63e7aeb04f50512edbed382c222b6cd1a9d58

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Sat, 02 Feb 2019 23:56:29 GMT
server: nginx
etag: "5c562e2d-c3de"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 50142
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 cdweb-1.png
elephantapple.ca/wp-content/uploads/2019/02/ 12 MB
12 MB 154ms
146ms Image
image/png 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/cdweb-1.png
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4bf41c74e4a48ee71f6142c1c91a1c980411ea48380597922a1f22ea53630853

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Tue, 19 Feb 2019 16:07:00 GMT
server: nginx
etag: "5c6c29a4-c53c2d"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 12925997
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 tim-hortons-1.png
elephantapple.ca/wp-content/uploads/2019/02/ 1 MB
1 MB 203ms
195ms Image
image/png 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/tim-hortons-1.png
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 16c441b80759c3f7ab98395e3a29f4bf6f4cbb5261814313e076db2a6496b5a1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Tue, 19 Feb 2019 16:23:41 GMT
server: nginx
etag: "5c6c2d8d-126558"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1205592
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 iframeSizer.min.js Show response
541922.17hats.com/vendor/ 7 KB
4 KB 116ms
27ms Script
application/javascript 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/vendor/iframeSizer.min.js

Requested by

Host: elephantapple.ca
URL: https://elephantapple.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3c7bbf9849074123820530673909cf2ad840f008d581a6677532c2a21182b612

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 15 Feb 2023 00:00:30 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "63ec209e-be1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
feature-policy: midi: 'self'
content-length: 3041
expires: Sat, 18 Mar 2023 19:57:25 GMT

GET
H2 200 jquery.sticky.min.js Show response
elephantapple.ca/wp-content/plugins/Divi-Ultimate-Header-Plugin/js/ 4 KB
2 KB 48ms
47ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/plugins/Divi-Ultimate-Header-Plugin/js/jquery.sticky.min.js
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc07095ba077ee47cd01442bfc94af493963f5d46cb1ec38b502af9ab692df7a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Sun, 03 Feb 2019 02:45:11 GMT
server: nginx
etag: W/"5c5655b7-1128"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
elephantapple.ca/wp-includes/js/mediaelement/ 11 KB
3 KB 57ms
46ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 01:47:55 GMT
server: nginx
etag: W/"5fd17e4b-2bf8"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 wp-mediaelement.min.css
elephantapple.ca/wp-includes/js/mediaelement/ 4 KB
1 KB 62ms
52ms Stylesheet
text/css 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Wed, 13 Nov 2019 23:38:43 GMT
server: nginx
etag: W/"5dcc9403-105a"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 tilt.js Show response
elephantapple.ca/wp-content/plugins/hwtilt_image/assets/js/ 6 KB
2 KB 68ms
59ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/plugins/hwtilt_image/assets/js/tilt.js?ver=1.0
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5cc11a2354df3809519be7a8af418ac4ceb8d451c9fb3d83bea6cd81246f59e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 01 Feb 2019 18:43:38 GMT
server: nginx
etag: W/"5c54935a-1890"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 custom.min.js Show response
elephantapple.ca/wp-content/themes/Divi/js/ 259 KB
57 KB 85ms
75ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/themes/Divi/js/custom.min.js?ver=3.19.10
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f76f50337430014c871163251f2491b57fefcd7e422ed3e0d6ebcf0ea48743e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 01 Feb 2019 18:54:33 GMT
server: nginx
etag: W/"5c5495e9-40ab3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 common.js Show response
elephantapple.ca/wp-content/themes/Divi/core/admin/js/ 1 KB
744 B 92ms
82ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/themes/Divi/core/admin/js/common.js?ver=3.19.10
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 01 Feb 2019 18:54:33 GMT
server: nginx
etag: W/"5c5495e9-550"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 main.js Show response
elephantapple.ca/wp-content/plugins/Divi-Ultimate-Header-Plugin/js/ 2 KB
761 B 99ms
89ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/plugins/Divi-Ultimate-Header-Plugin/js/main.js?ver=2.0.1.3
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 501fd1da2c93125c214a7d9d58aa5a6782c5af0d284cdfeef5c2dc21de0a85db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Sun, 03 Feb 2019 02:45:11 GMT
server: nginx
etag: W/"5c5655b7-762"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
elephantapple.ca/wp-includes/js/mediaelement/ 154 KB
35 KB 112ms
103ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 04 Nov 2022 05:35:34 GMT
server: nginx
etag: W/"6364a4a6-26935"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
elephantapple.ca/wp-includes/js/mediaelement/ 1 KB
726 B 119ms
110ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 06:31:07 GMT
server: nginx
etag: W/"6290702b-4a7"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 wp-mediaelement.min.js Show response
elephantapple.ca/wp-includes/js/mediaelement/ 906 B
640 B 124ms
116ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Wed, 10 Feb 2021 10:11:40 GMT
server: nginx
etag: W/"6023b15c-38a"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 wp-emoji-release.min.js Show response
elephantapple.ca/wp-includes/js/ 18 KB
5 KB 218ms
212ms Script
application/javascript 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 06:31:07 GMT
server: nginx
etag: W/"6290702b-48b9"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 COe8C3kF_o.jpg
elephantapple.ca/wp-content/uploads/2019/02/ 96 KB
96 KB 170ms
167ms Image
image/jpeg 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/COe8C3kF_o.jpg
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e81932b3d805e29f50b670ed17a1e094a7f95cd6c3d9ddd14fd5e7e823b158f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Sun, 03 Feb 2019 02:45:29 GMT
server: nginx
etag: "5c5655c9-1806e"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 98414
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 preloader.gif
elephantapple.ca/wp-content/themes/Divi/includes/builder/styles/images/ 9 KB
9 KB 171ms
168ms Image
image/gif 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/themes/Divi/includes/builder/styles/images/preloader.gif
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/wp-content/themes/Divi/style.css?ver=3.19.10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 27422f830d71474144ea902369ce78d178d1ace4e38a029ba2e359b7b55b4176

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/wp-content/themes/Divi/style.css?ver=3.19.10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Fri, 01 Feb 2019 18:54:34 GMT
server: nginx
etag: "5c5495ea-24d3"
x-proxy-cache-info: DT:1
content-type: image/gif
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 9427
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 final-pdi-traingle-fit-size.png
elephantapple.ca/wp-content/uploads/2019/02/ 134 KB
134 KB 161ms
161ms Image
image/png 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/final-pdi-traingle-fit-size.png
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f72f4aed33ff6e782c2decac514de2bd173738345d894270c7fc86f412d02989

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Sun, 03 Feb 2019 22:58:01 GMT
server: nginx
etag: "5c5771f9-217df"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 137183
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 modules.ttf
elephantapple.ca/wp-content/themes/Divi/core/admin/fonts/ 90 KB
36 KB 162ms
159ms Font
application/x-font-ttf 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/wp-content/themes/Divi/style.css?ver=3.19.10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://elephantapple.ca/wp-content/themes/Divi/style.css?ver=3.19.10
Origin: https://elephantapple.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: br
last-modified: Fri, 01 Feb 2019 18:54:33 GMT
server: nginx
etag: W/"5c5495e9-168f0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/x-font-ttf
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 112ms
20ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elephantapple.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:49:30 GMT
x-content-type-options: nosniff
age: 7675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 17:49:30 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 168ms
77ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CAbel%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1#038;subset=latin,latin-ext,devanagari

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elephantapple.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:11:34 GMT
x-content-type-options: nosniff
age: 103551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 15:11:34 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 163ms
73ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elephantapple.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 02:24:08 GMT
x-content-type-options: nosniff
age: 149597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 02:24:08 GMT

GET
H2 206 1ele.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 192 KB
0 152ms
151ms Media
video/mp4 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/1ele.mp4
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://elephantapple.ca/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Tue, 05 Feb 2019 22:38:45 GMT
server: nginx
etag: "5c5a1075-15cc9b7"
x-proxy-cache-info: DT:1
content-type: video/mp4
Content-Range: bytes 0-22858166/22858167
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
Content-Length: 22858167
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 206 pdi-video.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 128 KB
0 152ms
152ms Media
video/mp4 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/pdi-video.mp4
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://elephantapple.ca/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Sat, 02 Feb 2019 03:37:02 GMT
server: nginx
etag: "5c55105e-1f1c568"
x-proxy-cache-info: DT:1
content-type: video/mp4
Content-Range: bytes 0-32621927/32621928
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
Content-Length: 32621928
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2

200

p Show response
541922.17hats.com/ Frame C75B
Redirect Chain

https://541922.17hats.com/embed/lead/form/vxrgnbzgsxtgccgcfvgnxxthtdfwkfdn
https://541922.17hats.com/p

6 KB
3 KB

25ms
25ms

Document
text/html

35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/p

Requested by

Host: elephantapple.ca
URL: https://elephantapple.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0881e2eb609985cb72fd13c0a774ff059c1bfa255e51a210e8c3a36f32f6c268

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://elephantapple.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 2302
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-type: text/html
date: Thu, 16 Feb 2023 19:57:25 GMT
etag: "63ec209e-8fe"
expires: Thu, 01 Jan 1970 00:00:01 GMT
feature-policy: midi: 'self'
last-modified: Wed, 15 Feb 2023 00:00:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: no-cache
content-length: 178
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-type: text/html
date: Thu, 16 Feb 2023 19:57:25 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
feature-policy: midi: 'self'
location: https://541922.17hats.com/p#/embed/vxrgnbzgsxtgccgcfvgnxxthtdfwkfdn
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 photo-1486149107792-c9a3f301d9d2.jpg
elephantapple.ca/wp-content/uploads/2019/02/ 300 KB
301 KB 152ms
139ms Image
image/jpeg 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/photo-1486149107792-c9a3f301d9d2.jpg
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/wp-content/cache/et/28397/et-core-unified-1675359873536.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c3733110ea6d00da8d1cf73ce2f5fc93a70b9e41ca8d5c51c7434b1c2e12d03e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/wp-content/cache/et/28397/et-core-unified-1675359873536.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
last-modified: Sun, 03 Feb 2019 03:02:18 GMT
server: nginx
etag: "5c5659ba-4b059"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 307289
expires: Fri, 16 Feb 2024 19:57:25 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 29ms
25ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elephantapple.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 14:41:10 GMT
x-content-type-options: nosniff
age: 105375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 14:41:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C75B 10 KB
828 B 38ms
36ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 19:43:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 19:57:25 GMT

GET
H2 200 client_pages.06efd1f535443507f176.css
541922.17hats.com/ Frame C75B 540 KB
160 KB 65ms
63ms Stylesheet
text/css 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/client_pages.06efd1f535443507f176.css

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

52ddae4f9ddce4588930c99c3c5e441b8a2975514b9dfb9a8a81e98b7ab9d1b9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 15 Feb 2023 00:00:30 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "63ec209e-27c14"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
feature-policy: midi: 'self'
content-length: 162836
expires: Sat, 18 Mar 2023 19:57:25 GMT

GET
H2 200 config Show response
541922.17hats.com/perl/reseller/0/ Frame C75B 740 B
2 KB 136ms
134ms Script
text/javascript 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/perl/reseller/0/config

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0da2246c8bcad82a37dc87c509a17521768a2622a6513fa1cde89e22274d2697

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
x-17hats-updated: 2022-05-01T13:17:23
vary: Origin
content-type: text/javascript; charset=ISO-8859-1
access-control-allow-origin: https://www.17hats.com
access-control-allow-credentials: true
feature-policy: midi: 'self'
x-17hats-update-threshold: 1
access-control-allow-headers: Cookie, Origin, X-Requested-With, Content-Type, Accept
x-backend-server: sh21appserver7

GET
H2 200 / Show response
js.stripe.com/v3/ Frame C75B 438 KB
105 KB 365ms
33ms Script
text/javascript 13.35.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-43.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

67b8bc68c6621839f990f4592a25ef28566d85d0dd8d69a6373fa476184475d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 19:56:43 GMT
via: 1.1 2da1a465458d2c4bd692e693d75f0780.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 43
x-cache: Hit from cloudfront
last-modified: Thu, 16 Feb 2023 19:06:13 GMT
server: Cloudfront
etag: W/"707cf6eca3a2e246449dbc089439d607"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: zqQXuTrHnAmVTFSgNi0B-fgItQhnB0JcfI0K9b-5tZHttSmCirIjSg==

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ Frame C75B 1 MB
235 KB 133ms
21ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C4C) /

Resource Hash

507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 6601963163bc3
dc: ccg11-origin-www-1.paypal.com
content-length: 239948
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
server: ECAcc (nya/1C4C)
etag: "6266d4b0-16d23e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Fri, 17 Feb 2023 19:57:26 GMT

GET
H2 200 logo-17hats-white.png
541922.17hats.com/images/ Frame C75B 3 KB
4 KB 27ms
27ms Image
image/png 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://541922.17hats.com/images/logo-17hats-white.png

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

88db6b078b30ba64ec4ac4fda7821cade6ba1062a438883b0a2a3fba86ac2d2e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 00:00:29 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
etag: "63ec209d-d8e"
content-type: image/png
cache-control: max-age=2592000
feature-policy: midi: 'self'
accept-ranges: bytes
content-length: 3470
expires: Sat, 18 Mar 2023 19:57:26 GMT

GET
H2 200 client_pages_vendor.06efd1f535443507f176.js Show response
541922.17hats.com/ Frame C75B 2 MB
288 KB 27ms
26ms Script
application/javascript 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/client_pages_vendor.06efd1f535443507f176.js

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b0c850b99a5d8028d19170dd358f6a25a5bda1b3b2e85eea9b8fcdb8fbfa10f4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 15 Feb 2023 00:00:30 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "63ec209e-47d83"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
feature-policy: midi: 'self'
content-length: 294275
expires: Sat, 18 Mar 2023 19:57:26 GMT

GET
H2 200 client_pages.06efd1f535443507f176.js Show response
541922.17hats.com/ Frame C75B 1 MB
376 KB 32ms
30ms Script
application/javascript 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/client_pages.06efd1f535443507f176.js

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

29ec93cf5988d94558451b2558d70b87bbdc49a04ad696bde9cf74889dd7844f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 15 Feb 2023 00:00:30 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "63ec209e-5dbf4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
feature-policy: midi: 'self'
content-length: 383988
expires: Sat, 18 Mar 2023 19:57:26 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame C75B 132 KB
41 KB 328ms
117ms Script
application/javascript 18.238.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: 541922.17hats.com
URL: https://541922.17hats.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-21.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebdad39f097253a4560a1de1130a46136eb0cc3c53b4b6ad47a676c09775218d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:00:19 GMT
x-amz-version-id: _oRHa9rIZKIEkH0T6b6HDtfs2sEWx3_W
content-encoding: gzip
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-request-id: N99PEQ2JQEB2PAQ2
x-amz-cf-pop: PHL51-P1
x-amz-server-side-encryption: AES256
age: 3428
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: 3NSLRUzF2VGJVcY16KvfbgBMPyym+vKbgc3cIA4L8kKwTccouwaGgpn+mR9HTGu9MtXP0sSl9EA=
last-modified: Thu, 16 Feb 2023 18:47:53 GMT
server: AmazonS3
etag: W/"bb941ca5901988643aeaaa78cd7575e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: Qfy8uvwJ_ZPtdzBzX-8-1ELgWs0xGvHk6WWT60ebngRgezVlsg1w6g==

GET 1ele.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 0
0

GET
H2 206 pdi-video.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 81 KB
82 KB 130ms
128ms Media
video/mp4 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/pdi-video.mp4
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 232ac589fdeb21438a51b5377306acd9953086eda216fc216071c24f347ef3cf

Request headers

Referer: https://elephantapple.ca/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=32538624-

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
last-modified: Sat, 02 Feb 2019 03:37:02 GMT
server: nginx
etag: "5c55105e-1f1c568"
x-proxy-cache-info: DT:1
content-type: video/mp4
Content-Range: bytes 32538624-32621927/32621928
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
Content-Length: 83304
expires: Fri, 16 Feb 2024 19:57:26 GMT

GET
H2 206 1ele.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 0
0 175ms
153ms Media
video/mp4 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/1ele.mp4
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://elephantapple.ca/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
last-modified: Tue, 05 Feb 2019 22:38:45 GMT
server: nginx
etag: "5c5a1075-15cc9b7"
x-proxy-cache-info: DT:1
content-type: video/mp4
Content-Range: bytes 0-22858166/22858167
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
Content-Length: 22858167
expires: Fri, 16 Feb 2024 19:57:26 GMT

GET
H2 200 square.js Show response
web.squarecdn.com/v1/ Frame C75B 352 KB
104 KB 150ms
26ms Script
application/javascript 2600:9000:210b:a00:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/v1/square.js
Requested by: Host: 541922.17hats.com
URL: https://541922.17hats.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:a00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 743896b34c6671fdc6d40c2b423b8481ad9ddd47c38860f173f19c15cc29602b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: Lsk4iM_X6HxlLh0dp4nOZjgAxEWTveG4
content-encoding: gzip
via: 1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
date: Thu, 16 Feb 2023 15:58:10 GMT
x-amz-cf-pop: EWR53-C3
age: 14356
x-cache: Hit from cloudfront
x-amz-meta-websdk-version: 1.45.3
last-modified: Fri, 27 Jan 2023 17:36:42 GMT
server: AmazonS3
etag: W/"c0c77a2010341edca9700e0b2a67a215"
access-control-max-age: 300
x-amz-meta-md5checksum: wMd6IBA0HtypcA4LKmeiFQ==
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: r7L0bgCEZi9Y3qjhJXwMBP7QRoPCOYbNNVQ_NjFAbET5fAp41-c3ow==

GET 1ele.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 0
0

GET
H2 206 1ele.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 18 KB
19 KB 203ms
202ms Media
video/mp4 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/1ele.mp4
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 85db7bc96bc69cfcfbdf0ff724c7f03f9622cdf1db65bdcb43191f62c6c2db0e

Request headers

Referer: https://elephantapple.ca/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=22839296-

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
last-modified: Tue, 05 Feb 2019 22:38:45 GMT
server: nginx
etag: "5c5a1075-15cc9b7"
x-proxy-cache-info: DT:1
content-type: video/mp4
Content-Range: bytes 22839296-22858166/22858167
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
Content-Length: 18871
expires: Fri, 16 Feb 2024 19:57:26 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame C75B 12 KB
5 KB 132ms
96ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=541922.17hats.com&source=checkoutjs&t=xo&v=4.0.336

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-cz/JOPqM22vU13lADoi6hlh53IZ287vy9g4/2HSKlFghyKDa' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-cz/JOPqM22vU13lADoi6hlh53IZ287vy9g4/2HSKlFghyKDa' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 19:57:26 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 72654
x-cache: HIT, MISS
paypal-debug-id: f1118273535a9
server-timing: "traceparent;desc="00-0000000000000000000f1118273535a9-c2b0467198552dcf-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-lax10634-LGB, cache-yul12825-YUL
traceparent: 00-0000000000000000000f1118273535a9-be6e42b07c70f706-01
x-timer: S1676577447.644790,VS0,VE80
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame C75B 884 B
905 B 96ms
44ms Script
text/javascript 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/client_pages.06efd1f535443507f176.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfea966b316876c42f6464d4f6e7fb0d8faab97393ca95a8a45d46bf0f2094fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 585
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 19:57:26 GMT

GET
DATA 200
OK truncated
/ Frame C75B 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 206 1ele.mp4
elephantapple.ca/wp-content/uploads/2019/02/ 22 MB
22 MB 48ms
48ms Media
video/mp4 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/1ele.mp4
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://elephantapple.ca/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=131072-

Response headers

date: Thu, 16 Feb 2023 19:57:27 GMT
last-modified: Tue, 05 Feb 2019 22:38:45 GMT
server: nginx
etag: "5c5a1075-15cc9b7"
x-proxy-cache-info: DT:1
content-type: video/mp4
Content-Range: bytes 131072-22858166/22858167
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
Content-Length: 22727095
expires: Fri, 16 Feb 2024 19:57:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C75B 49 KB
20 KB 77ms
20ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 18:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4203
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Feb 2023 20:47:24 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 7CB6 200 B
1 KB 24ms
21ms Document
text/html 13.35.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-43.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://541922.17hats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2302
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 Feb 2023 19:19:06 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 14 Feb 2023 21:26:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2da1a465458d2c4bd692e693d75f0780.cloudfront.net (CloudFront)
x-amz-cf-id: 6c9ayW1IhhwIyJNftd4IBf_w36hJo0ED0Imei2l-IPMVPfITNVC6lw==
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 i.js Show response
i.kissmetrics.com/ Frame C75B 39 B
227 B 207ms
26ms Script
application/x-javascript 54.159.23.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.kissmetrics.com/i.js
Requested by: Host: 541922.17hats.com
URL: https://541922.17hats.com/p
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.23.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-23-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
date: Thu, 16 Feb 2023 19:57:27 GMT
cache-control: max-age=2592000
content-type: application/x-javascript
server: nginx
content-length: 39
expires: Sat, 18 Mar 2023 19:57:06 GMT

GET
H/1.1 200
OK 9a5ef53f1759d5142653d35c105e37287d602dd4.2.js Show response
scripts.kissmetrics.com/ Frame C75B 26 KB
12 KB 203ms
54ms Script
application/x-javascript 18.160.48.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.kissmetrics.com/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js
Requested by: Host: 541922.17hats.com
URL: https://541922.17hats.com/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.48.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-48-68.iad55.r.cloudfront.net
Software: nginx/1.6.2 /
Resource Hash: e42ec5a81e142cd5422fb5b15b64d0345b814fac7fafd08cb04d6dbc61714029

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 19:56:30 GMT
Content-Encoding: gzip
Via: 1.1 9b00405a1ff669043791884b75822050.cloudfront.net (CloudFront)
Last-Modified: Thu, 13 Aug 2020 13:15:30 GMT
Server: nginx/1.6.2
X-Amz-Cf-Pop: IAD55-P2
Age: 57
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Content-Type: application/x-javascript; charset=utf-8
X-Cache: Hit from cloudfront
Cache-Control: max-age=60
Connection: keep-alive
X-Amz-Cf-Id: 4O1vAl-TxaRUGjJHfLw0BjePv14uon2v9AuJRjz3HzMk4RRoHpslEg==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame C75B 405 KB
162 KB 92ms
34ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://541922.17hats.com/
Origin: https://541922.17hats.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164853
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:54:17 GMT

GET
H2 200 ts
t.paypal.com/ Frame C75B 42 B
675 B 100ms
91ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=17hats&dh=1200&dw=1600&bh=600&bw=1080&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1676577447457&g=0&completeurl=https%3A%2F%2F541922.17hats.com%2Fp%23%2Fembed%2Fvxrgnbzgsxtgccgcfvgnxxthtdfwkfdn&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcd/7D5F) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://541922.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 19:57:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (dcd/7D5F)
traceparent: 00-00000000000000000000ffebfac7b4a7-3c9e388752fa3112-01
content-type: image/gif
paypal-debug-id: ffebfac7b4a7
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 16 Feb 2023 19:57:27 GMT

GET
H2 404 0 Show response
541922.17hats.com/perl/client_account/ Frame C75B 0
762 B 58ms
57ms XHR
text/plain 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://541922.17hats.com/perl/client_account/0?format=json&_=1676577446712
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-147-130.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://541922.17hats.com/p
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:27 GMT
server: nginx
x-17hats-updated: 2022-05-01T13:17:23
vary: Origin
location: http://541922.17hats.com/perl/client_account/0?format=json;_=1676577446712
access-control-allow-origin: https://www.17hats.com
access-control-allow-credentials: true
x-17hats-update-threshold: 1
access-control-allow-headers: Cookie, Origin, X-Requested-With, Content-Type, Accept
x-backend-server: sh21appserver10

POST
H2 200 csp-report
q.stripe.com/ Frame 7CB6 0
599 B 283ms
87ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: elephantapple.ca
URL: https://elephantapple.ca/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Feb 2023 19:57:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7CB6 0
600 B 276ms
80ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: elephantapple.ca
URL: https://elephantapple.ca/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Feb 2023 19:57:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7CB6 631 B
1 KB 30ms
29ms Script
text/javascript 13.35.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-43.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 16 Feb 2023 19:15:37 GMT
x-content-type-options: nosniff
via: 1.1 2da1a465458d2c4bd692e693d75f0780.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 2510
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 09 Feb 2023 23:29:42 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZRUWL0aHXQMKbM6T4eZ1S2Me77hr2FHl7DlvJ6zdh5yJcklTO-E_FA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 07B5 930 B
1 KB 114ms
36ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 177
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 Feb 2023 19:57:27 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 388
x-content-type-options: nosniff
x-request-id: cff02fa0-da91-4e19-9548-b65613b5a56d
x-served-by: cache-yul12829-YUL
x-timer: S1676577448.756157,VS0,VE0

GET
H2 200 OpenSans-Bold-webfont.woff
541922.17hats.com/fonts/opensans/ Frame C75B 22 KB
23 KB 31ms
30ms Font
application/font-woff 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/fonts/opensans/OpenSans-Bold-webfont.woff

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/client_pages.06efd1f535443507f176.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://541922.17hats.com/client_pages.06efd1f535443507f176.css
Origin: https://541922.17hats.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 00:00:28 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
etag: "63ec209c-57a0"
content-type: application/font-woff
cache-control: max-age=2592000
feature-policy: midi: 'self'
accept-ranges: bytes
content-length: 22432
expires: Sat, 18 Mar 2023 19:57:27 GMT

GET
H2 200 OpenSans-Regular-webfont.woff
541922.17hats.com/fonts/opensans/ Frame C75B 22 KB
23 KB 32ms
31ms Font
application/font-woff 35.174.147.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://541922.17hats.com/fonts/opensans/OpenSans-Regular-webfont.woff

Requested by

Host: 541922.17hats.com
URL: https://541922.17hats.com/client_pages.06efd1f535443507f176.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.147.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-147-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://541922.17hats.com/client_pages.06efd1f535443507f176.css
Origin: https://541922.17hats.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Feb 2023 00:00:28 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
etag: "63ec209c-5884"
content-type: application/font-woff
cache-control: max-age=2592000
feature-policy: midi: 'self'
accept-ranges: bytes
content-length: 22660
expires: Sat, 18 Mar 2023 19:57:27 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E467 42 KB
23 KB 60ms
58ms Document
text/html 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly81NDE5MjIuMTdoYXRzLmNvbTo0NDM.&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=ro9cjpxhed3e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

509bab374e086a14083963fa8ec7d37279e51c3d68cf95cb3a052fdf9cacfcaf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ji3MHwZNk8wqae5l6JYmgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://541922.17hats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22627
content-security-policy: script-src 'report-sample' 'nonce-ji3MHwZNk8wqae5l6JYmgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 19:57:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK e
trk.kissmetrics.io/ Frame C75B 43 B
376 B 165ms
30ms Ping
image/gif 3.232.92.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.kissmetrics.io/e
Requested by: Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.92.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-92-28.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://541922.17hats.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Feb 2023 19:57:28 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 16 Feb 2023 19:57:27 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 07B5 0
373 B 88ms
88ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: elephantapple.ca
URL: https://elephantapple.ca/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: blue
pragma: no-cache
date: Thu, 16 Feb 2023 19:57:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 07B5 86 KB
16 KB 14ms
14ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 16 Feb 2023 19:57:27 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 6
x-cache: HIT
content-length: 16031
x-request-id: 6800f0c8-efcc-4aad-8b90-3f8007680474
x-served-by: cache-yul12829-YUL
server: Fastly
x-timer: S1676577448.923144,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 15

GET
H2 200 photo-1437326516294-01d0da392e11.jpg
elephantapple.ca/wp-content/uploads/2019/02/ 22 KB
22 KB 515ms
514ms Image
image/jpeg 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/photo-1437326516294-01d0da392e11.jpg
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/wp-content/cache/et/28397/et-core-unified-1675359873536.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 627fd22b2aa550d3dc1c781912c39c615d621333f8c94106ceeba5dba92d5e84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/wp-content/cache/et/28397/et-core-unified-1675359873536.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:27 GMT
last-modified: Sun, 03 Feb 2019 03:08:04 GMT
server: nginx
etag: "5c565b14-56a8"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 22184
expires: Fri, 16 Feb 2024 19:57:27 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame E467 55 KB
24 KB 71ms
21ms Stylesheet
text/css 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly81NDE5MjIuMTdoYXRzLmNvbTo0NDM.&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=ro9cjpxhed3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:54:17 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame E467 405 KB
161 KB 70ms
32ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164853
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:55:47 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 07B5 156 B
553 B 323ms
96ms XHR
application/json 44.240.18.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.18.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-18-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6fb56fc66455a85ebd5f488bbd8d4fe4e1cd8f577523065a25ad061e253f4c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 16 Feb 2023 19:57:28 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E467 2 KB
2 KB 27ms
24ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:08:43 GMT
x-content-type-options: nosniff
age: 28125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Feb 2023 12:08:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E467 15 KB
15 KB 25ms
25ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:10:19 GMT
x-content-type-options: nosniff
age: 103629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 15:10:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E467 15 KB
15 KB 26ms
26ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 19:06:33 GMT
x-content-type-options: nosniff
age: 89455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 19:06:33 GMT

GET
H2 200 EALOGO.png
elephantapple.ca/wp-content/uploads/2019/02/ 80 KB
81 KB 527ms
527ms Image
image/png 35.208.69.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elephantapple.ca/wp-content/uploads/2019/02/EALOGO.png
Requested by: Host: elephantapple.ca
URL: https://elephantapple.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.69.114 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.69.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f8f68e4042b586e0552c107881143740b3575bda3f3da489ddf62a7454b4165

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://elephantapple.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:28 GMT
last-modified: Fri, 01 Feb 2019 19:08:16 GMT
server: nginx
etag: "5c549920-140ef"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 82159
expires: Fri, 16 Feb 2024 19:57:28 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E467 102 B
134 B 39ms
39ms Other
text/javascript 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93e034978a170455e49d3c605349b1f68e0b995c9b9c4e0aac38851ba3d38fde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly81NDE5MjIuMTdoYXRzLmNvbTo0NDM.&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=ro9cjpxhed3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 19:57:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: elephantapple.ca
URL: https://elephantapple.ca/wp-content/uploads/2019/02/1ele.mp4

Domain: elephantapple.ca
URL: https://elephantapple.ca/wp-content/uploads/2019/02/1ele.mp4

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 19:18:57	Name: ts Value: vreXpYrS%3D1771271847%26vteXpYrS%3D1676579247%26vr%3D5bcd9e5b1860aa5c4816c276ffffffff%26vt%3D5bcd9e5b1860aa5c4816c276fffffffe
.paypal.com/	1970-01-20 19:18:57	Name: ts_c Value: vr%3D5bcd9e5b1860aa5c4816c276ffffffff%26vt%3D5bcd9e5b1860aa5c4816c276fffffffe
541922.17hats.com/	1970-01-20 09:53:02	Name: AWSALBCORS Value: RxL8KMBJeSsCDSE4ll9j/ll38U3RohNVIX4kEHZ+su+5S9knS05ItuudresI/ICycg6ZzASvGcNIcFP+x78RRWpDhAKu+oqJxsleCXDA2L75nIm0+VBQyW9u9jnx
m.stripe.com/	1970-01-20 19:18:57	Name: m Value: 1a95c10b-0183-4936-9e14-487f5af2bf3f300ca7

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'midi:'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://541922.17hats.com/perl/client_account/0?format=json&_=1676577446712 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://scripts.kissmetrics.com/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js(Line 40) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.kissmetrics.io') does not match the recipient window's origin ('https://elephantapple.ca').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

541922.17hats.com
cdn.plaid.com
elephantapple.ca
fonts.googleapis.com
fonts.gstatic.com
i.kissmetrics.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
scripts.kissmetrics.com
t.paypal.com
trk.kissmetrics.io
web.squarecdn.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
elephantapple.ca
13.35.93.43
151.101.0.176
151.101.1.21
18.160.48.68
18.238.4.21
192.229.210.155
2600:9000:210b:a00:13:4005:e4c0:93a1
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2004
2607:f8b0:4006:817::200a
2607:f8b0:4006:817::200e
2607:f8b0:4006:821::2003
3.232.92.28
35.174.147.130
35.208.69.114
44.240.18.98
54.159.23.63
54.186.23.98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0881e2eb609985cb72fd13c0a774ff059c1bfa255e51a210e8c3a36f32f6c268
0da2246c8bcad82a37dc87c509a17521768a2622a6513fa1cde89e22274d2697
0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
16c441b80759c3f7ab98395e3a29f4bf6f4cbb5261814313e076db2a6496b5a1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
232ac589fdeb21438a51b5377306acd9953086eda216fc216071c24f347ef3cf
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
27422f830d71474144ea902369ce78d178d1ace4e38a029ba2e359b7b55b4176
29ec93cf5988d94558451b2558d70b87bbdc49a04ad696bde9cf74889dd7844f
2b300b25b39453d87e8fbec461341dc2708614f58ce68a4f5cea23aa1e661a65
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3641cda796695075cb6bb748d50bb31337fcd49f631d18d2e711021594643548
3c7bbf9849074123820530673909cf2ad840f008d581a6677532c2a21182b612
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3f76f50337430014c871163251f2491b57fefcd7e422ed3e0d6ebcf0ea48743e
4781426ec9465dd2901fb89b17f03e3667475fc6ee221b3bfe5d06abc9444a87
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
485aae7e3558272e44ff68fe9da29b370db04f6ec8d71a0dfc4745c7d4f30c1e
4bf41c74e4a48ee71f6142c1c91a1c980411ea48380597922a1f22ea53630853
501fd1da2c93125c214a7d9d58aa5a6782c5af0d284cdfeef5c2dc21de0a85db
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
509bab374e086a14083963fa8ec7d37279e51c3d68cf95cb3a052fdf9cacfcaf
52ddae4f9ddce4588930c99c3c5e441b8a2975514b9dfb9a8a81e98b7ab9d1b9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5cc11a2354df3809519be7a8af418ac4ceb8d451c9fb3d83bea6cd81246f59e4
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
6226df7fd1a3196259f7f3a488020dedd60cd077ce783971bc2a6bdc3b70fe03
627fd22b2aa550d3dc1c781912c39c615d621333f8c94106ceeba5dba92d5e84
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
67b8bc68c6621839f990f4592a25ef28566d85d0dd8d69a6373fa476184475d6
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f8f68e4042b586e0552c107881143740b3575bda3f3da489ddf62a7454b4165
6fb56fc66455a85ebd5f488bbd8d4fe4e1cd8f577523065a25ad061e253f4c79
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
743896b34c6671fdc6d40c2b423b8481ad9ddd47c38860f173f19c15cc29602b
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
85db7bc96bc69cfcfbdf0ff724c7f03f9622cdf1db65bdcb43191f62c6c2db0e
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88db6b078b30ba64ec4ac4fda7821cade6ba1062a438883b0a2a3fba86ac2d2e
93e034978a170455e49d3c605349b1f68e0b995c9b9c4e0aac38851ba3d38fde
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9f550de94b54f2eda723cabafb41fc51029a40f7f66b469ca21a3be3f7ca91dd
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b0c850b99a5d8028d19170dd358f6a25a5bda1b3b2e85eea9b8fcdb8fbfa10f4
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3733110ea6d00da8d1cf73ce2f5fc93a70b9e41ca8d5c51c7434b1c2e12d03e
cc07095ba077ee47cd01442bfc94af493963f5d46cb1ec38b502af9ab692df7a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfea966b316876c42f6464d4f6e7fb0d8faab97393ca95a8a45d46bf0f2094fc
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e17ba95bf25d002246788f3f88c63e7aeb04f50512edbed382c222b6cd1a9d58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42ec5a81e142cd5422fb5b15b64d0345b814fac7fafd08cb04d6dbc61714029
e81932b3d805e29f50b670ed17a1e094a7f95cd6c3d9ddd14fd5e7e823b158f9
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebdad39f097253a4560a1de1130a46136eb0cc3c53b4b6ad47a676c09775218d
f1d09a999c5ddc7a64ed455e8ddf3d1eed154729c79a2b37096b73b05c31bedf
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f72f4aed33ff6e782c2decac514de2bd173738345d894270c7fc86f412d02989

elephantapple.ca Open in urlscan Pro 35.208.69.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

98 %HTTPS

33 %IPv6

14 Domains

19 Subdomains

19 IPs

1 Countries

39116 kBTransfer

46064 kBSize

4 Cookies

3 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elephantapple.ca Open in urlscan Pro
35.208.69.114 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

98 %
HTTPS

33 %
IPv6

14
Domains

19
Subdomains

19
IPs

1
Countries

39116 kB
Transfer

46064 kB
Size

4
Cookies

85 HTTP transactions
8 data transactions