Submitted URL: http://protectnsfrontline.ca/
Effective URL: https://www.protectnsfrontline.ca/
Submission: On April 22 via api from US

Summary

This website contacted 21 IPs in 5 countries across 20 domains to perform 56 HTTP transactions. The main IP is 2.16.110.50, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is www.protectnsfrontline.ca.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 16th 2020. Valid for: 3 months.
This is the only time www.protectnsfrontline.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 96.45.83.119 16552 (TIGGEE)
1 2 2.16.110.50 20940 (AKAMAI-ASN1)
12 23.60.16.13 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
6 13.225.78.54 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.111.9.35 33438 (HIGHWINDS2)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a0b:4d07:101::1 44239 (PROINITY ...)
1 104.16.90.50 13335 (CLOUDFLAR...)
2 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
7 95.100.67.47 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.199.110.153 54113 (FASTLY)
56 21
Domain Requested by
12 unifortheunion.nationbuilder.com www.protectnsfrontline.ca
6 use.typekit.net www.protectnsfrontline.ca
use.typekit.net
6 d3n8a8pro7vhmx.cloudfront.net www.protectnsfrontline.ca
4 fonts.gstatic.com www.protectnsfrontline.ca
4 use.fontawesome.com www.protectnsfrontline.ca
2 connect.facebook.net www.protectnsfrontline.ca
connect.facebook.net
2 engage.newmode.net www.protectnsfrontline.ca
blog.apps.npr.org
2 ssl.google-analytics.com www.protectnsfrontline.ca
2 apis.google.com www.protectnsfrontline.ca
apis.google.com
2 platform.twitter.com www.protectnsfrontline.ca
platform.twitter.com
2 printjs-4de6.kxcdn.com www.protectnsfrontline.ca
2 cdnjs.cloudflare.com www.protectnsfrontline.ca
2 www.protectnsfrontline.ca 1 redirects
1 p.typekit.net www.protectnsfrontline.ca
1 blog.apps.npr.org engage.newmode.net
1 c.shpg.org engage.newmode.net
1 www.facebook.com connect.facebook.net
1 cdn.embedly.com www.protectnsfrontline.ca
1 cdn.jsdelivr.net www.protectnsfrontline.ca
1 polyfill.io www.protectnsfrontline.ca
1 fonts.googleapis.com www.protectnsfrontline.ca
1 ajax.googleapis.com www.protectnsfrontline.ca
1 protectnsfrontline.ca 1 redirects
56 23

This site contains links to these domains. Also see Links.

Domain
www.vancitystudios.com
nationbuilder.com
Subject Issuer Validity Valid
securefed697022a57ac112c1fbc6a.nationbuilder.com
Let's Encrypt Authority X3
2020-04-16 -
2020-07-15
3 months crt.sh
*.nationbuilder.com
DigiCert SHA2 Secure Server CA
2019-05-04 -
2020-08-02
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-16 -
2021-04-17
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-04-06 -
2020-10-09
6 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
*.kxcdn.com
Thawte RSA CA 2018
2019-07-04 -
2021-09-01
2 years crt.sh
*.embedly.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-11 -
2021-09-16
2 years crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
*.apis.google.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
engage.newmode.net
Let's Encrypt Authority X3
2020-01-27 -
2020-04-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-03-01 -
2020-05-30
3 months crt.sh
blog.apps.npr.org
Let's Encrypt Authority X3
2020-03-11 -
2020-06-09
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.protectnsfrontline.ca/
Frame ID: DF27C98069985956972E431F38F9B652
Requests: 54 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fwww.protectnsfrontline.ca
Frame ID: EE318085EE30D6415429F5640D92456A
Requests: 1 HTTP requests in this frame

Frame: https://engage.newmode.net/nm-letter/6624/18803?initialWidth=350&childId=newmode-embed-6624-18803&parentTitle=Protect%20NS%20Frontline%20Workers&parentUrl=https%3A%2F%2Fwww.protectnsfrontline.ca%2F
Frame ID: 404BB4A1E5D4AB52F70090CFA83FD333
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://protectnsfrontline.ca/ HTTP 301
    http://www.protectnsfrontline.ca/ HTTP 301
    https://www.protectnsfrontline.ca/ Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

56
Requests

100 %
HTTPS

64 %
IPv6

20
Domains

23
Subdomains

21
IPs

5
Countries

1849 kB
Transfer

3296 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://protectnsfrontline.ca/ HTTP 301
    http://www.protectnsfrontline.ca/ HTTP 301
    https://www.protectnsfrontline.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.protectnsfrontline.ca/
Redirect Chain
  • http://protectnsfrontline.ca/
  • http://www.protectnsfrontline.ca/
  • https://www.protectnsfrontline.ca/
36 KB
9 KB
Document
General
Full URL
https://www.protectnsfrontline.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-110-50.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
41c0e9e5eb8e3a2d8cd78c9adbcd7bcf74aae206d992c4e5358d0b6e519e4c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Host
www.protectnsfrontline.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Request-Method
GET, POST, PUT, DELETE
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
ETag
W/"05ed86bbe99607667702d0e1d76d5221-gzip"
Server
Apache
status
200 OK
Vary
Accept-Encoding
x-content-digest
df25edb88e49a3d64d93adfbc7c466e557215cf0
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-middleware-start
t=1587560517512894
x-nb-cached-page
yes
x-rack-cache
stale, invalid, ignore, store
x-rails-version
4.2.11.1
X-RateLimit-Limit
10s
X-RateLimit-Remaining
250
X-RateLimit-Reset
1587560527
x-request-id
dbeea608-b9f2-46d4-bdbb-b0bc0e901d7d
x-runtime
0.059043
x-served-by
app14
Content-Length
7897
Expires
Wed, 22 Apr 2020 13:01:57 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 22 Apr 2020 13:01:57 GMT
Connection
keep-alive
Set-Cookie
_nbuild_token=UHJbzdw8ABJGljK6yXonuQF8lWyBNZVW0txl1RJkaxY%3D; path=/; HttpOnly
Use-Proxy
True

Redirect headers

Content-Type
text/html
Location
https://www.protectnsfrontline.ca/
Server
Apache
status
301 Moved Permanently
x-middleware-start
t=1587560517184657
x-nb-code
1011
x-rack-cache
stale, invalid
x-rails-version
4.2.11.1
X-RateLimit-Limit
10s
X-RateLimit-Remaining
250
X-RateLimit-Reset
1587560527
x-request-id
277757d5-e177-4a8e-b4d8-266f53c00089
x-runtime
0.036655
x-served-by
app10
Content-Length
0
Expires
Wed, 22 Apr 2020 13:01:57 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 22 Apr 2020 13:01:57 GMT
Connection
keep-alive
Use-Proxy
True
theme.scss
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
307 KB
41 KB
Stylesheet
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/theme.scss
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b396bc3060f564adea925490b471c07416e93b1b775c274c77cfd4ae8f225ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-ratelimit-remaining
250
x-middleware-start
t=1587075352688337
x-rails-version
4.2.11.1
content-length
41112
x-request-id
b60546c4-b1a0-45a2-a37b-5d51881e6255
x-served-by
app12
x-runtime
0.027187
x-content-digest
a687dc06898ffa972813ca3fabc151ce5df168bb
server
Apache
x-frame-options
ALLOWALL
etag
W/"be140dc01cdfa61e580f00b278d8a286-gzip"
vary
Accept-Encoding
content-type
text/css
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587075362
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:57 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/
30 KB
6 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 03:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2195574
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5640
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 03:09:03 GMT
main-d6831db8fb2725c2a6edee1f56ed4b6e7dea0a3e97da406651669329390d4a14.js
d3n8a8pro7vhmx.cloudfront.net/assets/liquid/v3/
165 KB
54 KB
Script
General
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/assets/liquid/v3/main-d6831db8fb2725c2a6edee1f56ed4b6e7dea0a3e97da406651669329390d4a14.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6831db8fb2725c2a6edee1f56ed4b6e7dea0a3e97da406651669329390d4a14

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 22:10:43 GMT
content-encoding
gzip
age
2299875
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
55111
last-modified
Fri, 21 Feb 2020 17:25:29 GMT
server
AmazonS3
etag
"eb6c29cfd2b2388f11a62e911ddce8a9"
content-type
application/ecmascript
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
JIXMDinvGQUYQRv07Z2piwkXRV2mtRbDyecRvas1cN1BxuLUAjUsKw==
expires
Sat, 20 Feb 2021 23:25:28 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,400i,700,700i,900
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2eab24b5907bc9ff5a98c9a39d0f098e0320331d520cd713780dc156f58e6545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Apr 2020 13:01:57 GMT
server
ESF
date
Wed, 22 Apr 2020 13:01:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Apr 2020 13:01:57 GMT
solid.css
use.fontawesome.com/releases/v5.8.2/css/
667 B
642 B
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/solid.css
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
bf948f638246715e7ac5fd2f67b64321268d8d4440e187f2d26a33a0805de17d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 16:50:11 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"07a4c01ab36db4e4e2116d9ae4318a77"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
brands.css
use.fontawesome.com/releases/v5.8.2/css/
660 B
631 B
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/brands.css
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ada2b394e1af51a0fdf9f541098832cb60301321f635b9417507bad9bc560cec

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 16:50:12 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"29a22094c35b10f4771809dc056a0183"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
fontawesome.css
use.fontawesome.com/releases/v5.8.2/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/fontawesome.css
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1fda1c84c9a5dcb87a144fca2935057f0da10fb9b173d73ca57a2a7c8b28e599

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 16:50:10 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"3a31190683088ef273849e1462993b41"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
polyfill.min.js
polyfill.io/v3/
72 B
589 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=es2015%2CElement.prototype.closest%2CElement.prototype.matches%2CElement.prototype.classList%2CNodeList.prototype.forEach%2CMutationObserver
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
0
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
FRA
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=27, MISS-CLUSTER, fastly;desc="Edge time";dur=45
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Apr 2020 01:03:00 GMT
date
Wed, 22 Apr 2020 13:01:57 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/74.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
es6-promise.auto.min.js
cdn.jsdelivr.net/npm/es6-promise@4/dist/
6 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3471
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
02439428320000bf0af9be2200000001
x-served-by
cache-ams21036-AMS, cache-fra19170-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"1962-NLNASu4jwzBScgHcLDtueKdlX1E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
587f89538aadbf0a-FRA
lodash-custom.min.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
3 KB
2 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/lodash-custom.min.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
188cd1458b5b5d6cd096904983984f2721bb8ea7eada3c7d9e85b7a14bdc0f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648407537
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
1436
x-request-id
67cf8427-a176-4689-b276-1f7e82c4ddf4
x-served-by
app11
x-runtime
0.026387
x-content-digest
2877613b57906e60826e77c9b864b9947c453652
server
Apache
x-frame-options
ALLOWALL
etag
W/"325544d1047dc708819d623f939eaf5f"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:57 GMT
media.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
3 KB
1 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/media.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
96cc638ee9da14c8c758c5a22825cfe017fc0f3ea370b00357b9a3cfe6239c03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648419078
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
654
x-request-id
5bd9e5cd-0212-401c-a85e-9b0249c88f2b
x-served-by
app13
x-runtime
0.022118
x-content-digest
31f23ef6087dcb73c5c893291632a0df4418cdd4
server
Apache
x-frame-options
ALLOWALL
etag
W/"e892ad151d2732ce123b78ed53ea8624"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:57 GMT
ofi.min.js
cdnjs.cloudflare.com/ajax/libs/object-fit-images/3.2.4/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/object-fit-images/3.2.4/ofi.min.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6497035
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
0243942833000097849a2dd200000001
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Mon, 20 Aug 2018 16:15:55 GMT
server
cloudflare
etag
W/"5b7ae93b-cdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
587f89538b7a9784-FRA
expires
Mon, 12 Apr 2021 13:01:57 GMT
simple-scrollbar.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
4 KB
2 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/simple-scrollbar.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e51464cf9d6af308f7ab7479b3e294255d6bff7cff5e4700263cc6637f51b417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648427062
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
1371
x-request-id
557a6a94-ff73-40b0-8ab9-9e11cdcf61bb
x-served-by
app14
x-runtime
0.024963
x-content-digest
2068481ea4b6cbd3b12c3b2b9507ce4c158b3e90
server
Apache
x-frame-options
ALLOWALL
etag
W/"8e7f4bffe02dab68a447775eab12c559"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:57 GMT
bezier-easing.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
4 KB
4 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/bezier-easing.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
579390170916a0b125c2b8a710dc755eb835074a634b28bcf6aa060b04d31237
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:57 GMT
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587256127418186
x-rails-version
4.2.11.1
content-length
3635
x-request-id
269b32a3-a98b-46b5-9696-3dacf3b6ce8a
x-served-by
app14
x-runtime
0.028262
x-content-digest
4fa45566bc977ad32e4e1d8755f487f042d61109
server
Apache
x-frame-options
ALLOWALL
etag
W/"e0f214c7677b3800998a8edf9f5a24c1"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587256137
x-ratelimit-limit
10s
x-rack-cache
miss, store
expires
Wed, 22 Apr 2020 13:01:57 GMT
print.min.js
printjs-4de6.kxcdn.com/
14 KB
5 KB
Script
General
Full URL
https://printjs-4de6.kxcdn.com/print.min.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2bc473e85a3b5bff756778e9d7b5e81604aa7d42207eb1d213e7b1a260c81dd8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:57 GMT
content-encoding
gzip
last-modified
Sun, 26 May 2019 04:52:19 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"5cea1b83-3812"
status
200
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
expires
Wed, 29 Apr 2020 13:01:57 GMT
print.min.css
printjs-4de6.kxcdn.com/
494 B
725 B
Stylesheet
General
Full URL
https://printjs-4de6.kxcdn.com/print.min.css
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
53b47fc5f0abd8bc8d67691d22a79125a46b2c20710da86aaf78ced00aae9b59

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:57 GMT
last-modified
Sun, 26 May 2019 04:52:17 GMT
server
keycdn-engine
x-edge-location
defr
etag
"5cea1b81-1ee"
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
494
expires
Wed, 29 Apr 2020 13:01:57 GMT
logo-white.png
d3n8a8pro7vhmx.cloudfront.net/unifortheunion/pages/3070/attachments/original/1586972468/
43 KB
43 KB
Image
General
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/unifortheunion/pages/3070/attachments/original/1586972468/logo-white.png?1586972468
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b04e61b106f9e360f7d5a5b59c9a23d3624f5e7a8766da1575b24c42d4c61ff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 22 Apr 2020 13:01:59 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Wed, 15 Apr 2020 17:41:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"bb661d51622d1a2dc2677374c85fab1f"
x-cache
Miss from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
43668
x-amz-cf-id
FBtkVdbv4tUDM3QZ038WuHQtB0G5zbMszPZ8Svj7tBnSMcyvTYHw6A==
vcs-nav.es5.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
28 KB
7 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/vcs-nav.es5.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
415082a70379afc2a16d2c4bbeada372ab27f1f24682d7d4a59fff2a9ced5ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648405625
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
6172
x-request-id
d6517b6c-6f3e-431b-9243-33115e4611fb
x-served-by
app12
x-runtime
0.015259
x-content-digest
e76871ad3cff579a9e42f9cf268388bff223917f
server
Apache
x-frame-options
ALLOWALL
etag
W/"7b841125cb83f2cad3fa465de0308399"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:58 GMT
on-resize.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
2 KB
1 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/on-resize.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
05f9519d4187eccfe41c01ac0f4c90aaa757feb1d511170646395db66787bbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648409438
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
674
x-request-id
b2cdef35-596e-4b3f-831e-c52d61505d6c
x-served-by
app11
x-runtime
0.034451
x-content-digest
065da8c8d6c527496afad00162d50179820a36e5
server
Apache
x-frame-options
ALLOWALL
etag
W/"72c68e4692da663da8f4b1a2cf9fc18e"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:58 GMT
ygkNjXpH.png
d3n8a8pro7vhmx.cloudfront.net/unifortheunion/pages/3070/attachments/original/1586971845/
927 KB
929 KB
Image
General
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/unifortheunion/pages/3070/attachments/original/1586971845/ygkNjXpH.png?1586971845
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5933ca9aee7cce19e2f42b12d7b23307ff8b192c7ce5c5b3b38a448deb6d3409

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 22 Apr 2020 13:01:59 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Wed, 15 Apr 2020 17:30:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"cd3f0199695bba70596749983b579e62"
x-cache
Miss from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
949613
x-amz-cf-id
7A7QSqGyGKbRTFPRzGXA5vg9h5mZR6pGUtYX-0q4hirGjhhbD5CZiQ==
vcs-components.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
4 KB
2 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/vcs-components.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1bf3d7d14fcb0ef6eb6f55fc3a7461c6a789aaa3ef416a9498bcb6cd308c9a7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648419741
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
1689
x-request-id
d28aab32-910c-4772-9a7b-0681e0a2232a
x-served-by
app11
x-runtime
0.020857
x-content-digest
05c0e7596f56503d0b3629985d9ce662038f5db6
server
Apache
x-frame-options
ALLOWALL
etag
W/"280422d0c56e2cf2c182ca3073b2d574"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:58 GMT
footer-logo.png
d3n8a8pro7vhmx.cloudfront.net/unifortheunion/pages/3070/attachments/original/1586973354/
39 KB
40 KB
Image
General
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/unifortheunion/pages/3070/attachments/original/1586973354/footer-logo.png?1586973354
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e828f7d44c2d496bb45026042f9061d0f5d2cc265239693c24336f6b9c14b087

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 22 Apr 2020 13:01:59 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Wed, 15 Apr 2020 17:55:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"6ae955e861ad2bee99e2bcd56eb4d70d"
x-cache
Miss from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
40266
x-amz-cf-id
WEdkym0iSJQCiluQpIjy5fzTQG2Nf16g4LtIy3nkuJduDr_QNiujxA==
vcs-notifications.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
658 B
824 B
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/vcs-notifications.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7428e3698198ebca285e286986c3a018a646df25cc27d78b305986197446dc5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587075352375319
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
320
x-request-id
ba5764b8-38de-4a54-a999-c1c26fff5501
x-served-by
app10
x-runtime
0.040922
x-content-digest
d71b2fab773e66d6f38c967b1ef1618f6ffb866b
server
Apache
x-frame-options
ALLOWALL
etag
W/"0c004c038498ce6a9b17df67ab7c778e"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587075362
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:58 GMT
liquid-004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8.js
d3n8a8pro7vhmx.cloudfront.net/assets/
77 KB
30 KB
Script
General
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/assets/liquid-004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:32:06 GMT
content-encoding
gzip
age
24596993
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
30328
last-modified
Tue, 02 Apr 2019 14:02:02 GMT
server
AmazonS3
etag
"12414d69825fa2aeb0a3f495db80acb6"
content-type
application/ecmascript
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
v4Hb2JZAU25PhXAUdzzEtgv3w48WOzLWhSu2D7Omy2owrxAfE-4GHg==
expires
Wed, 01 Apr 2020 20:02:01 GMT
tinymce-0015c5b41a2ac22883833accf1e65adc711250af40cc196c75fe181d0f1359fa.js
d3n8a8pro7vhmx.cloudfront.net/assets/
358 KB
120 KB
Script
General
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/assets/tinymce-0015c5b41a2ac22883833accf1e65adc711250af40cc196c75fe181d0f1359fa.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0015c5b41a2ac22883833accf1e65adc711250af40cc196c75fe181d0f1359fa

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 04:41:10 GMT
content-encoding
gzip
last-modified
Wed, 14 Mar 2018 16:40:52 GMT
server
AmazonS3
age
30049
etag
"efd5b9bb715dc1c6c89fba2303fc5905"
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
122351
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-id
8PhPa3cwXiCwTFyqD3bhackkZ3B7h4lMMF0AlhgNOCej5MM1g4Ao5Q==
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/popper.min.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15141864
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
0243942973000097849a2f2200000001
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 04 Apr 2019 16:30:53 GMT
server
cloudflare
etag
W/"5ca6313d-52aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
587f89558d6d9784-FRA
expires
Mon, 12 Apr 2021 13:01:58 GMT
bootstrap.min.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
57 KB
16 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/bootstrap.min.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587075352357541
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
15434
x-request-id
5defef90-a92f-42dc-ab86-a451a1cc3a35
x-served-by
app14
x-runtime
0.026929
x-content-digest
6778fed3cf095a318141a31f455c8f4663885bde
server
Apache
x-frame-options
ALLOWALL
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587075362
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:58 GMT
bs-custom-file-input.min.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
2 KB
2 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/bs-custom-file-input.min.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648406322
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
1043
x-request-id
d6d874b5-1fac-4779-9500-e555f038115e
x-served-by
app13
x-runtime
0.023005
x-content-digest
59d3af0630bcb8da94e201ce3453821d82447d22
server
Apache
x-frame-options
ALLOWALL
etag
W/"4380926847411561299bf7a29e003e4c"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:58 GMT
autocomplete.js
unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/
8 KB
4 KB
Script
General
Full URL
https://unifortheunion.nationbuilder.com/themes/1040/5e973e8845de947b36f54cba/0/attachments/15869703601586975446/default/autocomplete.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.16.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-16-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a2c5de2dc3fdcedf7bfff778212a499b4db24d95e0d106446476ee9ab08f8300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

use-proxy
True
date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-middleware-start
t=1587074648397318
x-rails-version
4.2.11.1
vary
Accept-Encoding
content-length
3149
x-request-id
6848952a-1e0b-4721-8a44-2c3fdd3d9d0b
x-served-by
app13
x-runtime
0.021632
x-content-digest
85c6d3abf731722f77cb302e087c70f90519dcda
server
Apache
x-frame-options
ALLOWALL
etag
W/"86fcdbe0bb0b2fe7360418b724383de3"
x-ratelimit-remaining
250
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-ratelimit-reset
1587074658
x-ratelimit-limit
10s
x-rack-cache
fresh
expires
Wed, 22 Apr 2020 13:01:58 GMT
platform.js
cdn.embedly.com/widgets/
71 KB
22 KB
Script
General
Full URL
https://cdn.embedly.com/widgets/platform.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.90.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2752aa19835e890dc1e6b573400160708812035495898599c651fe0947280674

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 13:01:58 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
B691616D83446691
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
t1dLTtcuP5DngiiU04d3Kgw7VF91kR7Ob0OzQowO6D3qefN8muZABsi4R408n9cikz8HG9cE+v8=
CF-RAY
587f89577ee5cd87-CDG
Last-Modified
Thu, 23 Jan 2020 20:56:31 GMT
Server
cloudflare
ETag
W/"fafe8010d7f162a8122738ef88644e77"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
x-amz-version-id
M4_NQYOkFvYl0EHhUxDwAV5hlmW9kpy6
Cache-Control
public, max-age=300
cf-request-id
0243942aaf0000cd87f33c0200000001
Content-Type
application/javascript
Expires
Wed, 22 Apr 2020 13:06:58 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4196) /
Resource Hash
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 13:01:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:48:50 GMT
Server
ECS (fcn/4196)
Age
482
Etag
"bfee88d079c2668aea5525e2d719ba90+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
29121
plusone.js
apis.google.com/js/
48 KB
19 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c763d7a97b77a30e3a372b33399781df13057447b31f4a8434018ca0425e84d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PL/z5uSK2e1RRBkIiiFI2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"5f9d292e21463dcdac45eb1487faa3a1"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-PL/z5uSK2e1RRBkIiiFI2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 22 Apr 2020 13:01:58 GMT
mir8sij.js
use.typekit.net/
19 KB
8 KB
Script
General
Full URL
https://use.typekit.net/mir8sij.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
172ca9c5b313dd7d5233ad1d6259af6010693566d8cf7eefb3ca98d246c3f588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Wed, 22 Apr 2020 13:01:58 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7494
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2811
date
Wed, 22 Apr 2020 12:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
17168
expires
Wed, 22 Apr 2020 14:15:07 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,400i,700,700i,900
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
650384
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Thu, 15 Apr 2021 00:22:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,400i,700,700i,900
Origin
https://www.protectnsfrontline.ca

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
653699
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1402541174&utmhn=www.protectnsfrontline.ca&utme=8(Page%20type)9(Basic)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Protect%20NS%20Frontline%20Workers&utmhid=280146444&utmr=-&utmp=%2F&utmht=1587560518115&utmac=UA-43742317-10&utmcc=__utma%3D1.795354591.1587560518.1587560518.1587560518.1%3B%2B__utmz%3D1.1587560518.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=2017835167&utmredir=1&utmu=qxQAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Apr 2020 13:01:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
18803.js
engage.newmode.net/embed/6624/
4 KB
2 KB
Script
General
Full URL
https://engage.newmode.net/embed/6624/18803.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:d400:6:848:5140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fb5633da5a282eb1f18ad0fdc3bc1e4b0f500e7f651c2f44b4d3c12b74b799ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
last-modified
Wed, 22 Apr 2020 13:01:58 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"1587560518-1"
vary
Cookie,Accept-Encoding
content-language
en
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-drupal-cache
MISS
content-type
application/javascript
x-amz-cf-id
0Wz4pwVhPM-aAMP_FxfgHbO7WabK19SOmYdyra8OVWPra5pL5ioXTA==
expires
Sun, 19 Nov 1978 05:00:00 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,400i,700,700i,900
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 15 Apr 2020 01:32:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
646150
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Thu, 15 Apr 2021 01:32:48 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,400i,700,700i,900
Origin
https://www.protectnsfrontline.ca

Response headers

date
Fri, 03 Apr 2020 02:39:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
1678968
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13732
x-xss-protection
0
expires
Sat, 03 Apr 2021 02:39:10 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.8.2/css/solid.css
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
last-modified
Tue, 07 May 2019 16:51:05 GMT
server
NetDNA-cache/2.2
status
200
etag
"64b3e814a66c2719b15abf8f7998bd73"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74328
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0a24230c2b3cf2299008e9ceae2df5931b6658035c5ea34baebc52941b65afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
8cNUsMmsw5+8tNgpIiNzJQ==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
1780
etag
"53d46d3b29cd172b4e1f8b6f82522e56"
x-fb-debug
/o+Jk2BxnGZCzRD3C2lmnIe4lds1nhH3NZbZRlP78Siw51+0cjUAuumyn7dbsfxC+F6c5w/MBqT0v9IYeRZZrw==
x-fb-trip-id
1850256238
x-fb-content-md5
7961ff8ba7d62e164941842159346a33
x-frame-options
DENY
date
Wed, 22 Apr 2020 13:01:58 GMT, Wed, 22 Apr 2020 13:01:58 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 22 Apr 2020 13:06:59 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/
141 KB
49 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf37b78fd604e647f57bec664ab832197cdee0e87ed3c16bb8ae3f428c9554a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 06:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 19:43:27 GMT
server
sffe
age
195787
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
50286
x-xss-protection
0
expires
Tue, 20 Apr 2021 06:38:51 GMT
sdk.js
connect.facebook.net/en_US/
394 KB
115 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a9076b10ddd045fb24dd14512c072ed4&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5722e11cdfc0d21fb2aa542cc69548406240ea7f94e8711c3ddb81a5ce5fb01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2lWoZxeKJlCYIbUm3P0pcw==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
117071
etag
"b7915d80eb1cf6e2ede8b3e95b4ab3d3"
x-fb-debug
pHSukevbNCQynQ22kJ4vZJbctjuslHpJX0ekf/sZOKyfOKLLnHQ6H9PI3fkTY+NmXNfNbRVIF2OKFQBId4Serg==
x-fb-trip-id
1850256238
x-fb-content-md5
63f25c0fe34a29c33ac29555d4095673
x-frame-options
DENY
date
Wed, 22 Apr 2020 13:01:58 GMT, Wed, 22 Apr 2020 13:01:58 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 22 Apr 2021 12:46:59 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=126739610711965&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.protectnsfrontline.ca%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a9076b10ddd045fb24dd14512c072ed4&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
Phm5xq6XEADU0Fnf3vsOm7x6vqPblyH8h0XeP9HWVdVidgYlgianuaK3AJqcmj4IeAGj4MdcB99bfDki6t9BZg==
fb-s
unknown
status
200
date
Wed, 22 Apr 2020 13:01:58 GMT, Wed, 22 Apr 2020 13:01:58 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.protectnsfrontline.ca
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/
19 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mir8sij.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
server
nginx
etag
"642d9266d1f9c63e0e36cec5fe51c6a1134c359a"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
19916
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/
20 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mir8sij.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a2f6fec90f9b0079aad59d497fa75796162208996aa12a56b65ad4dc2cb07053

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
server
nginx
etag
"7a571531ba8746780d4709c32909a81a6b90fc36"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
20572
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mir8sij.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
server
nginx
etag
"2c0b6e23328e638bb18899aafbc85ad950333c16"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
19364
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/
20 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mir8sij.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
server
nginx
etag
"1ba84f7704212796fc4339b5d2f9857087d10fca"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
20072
l
use.typekit.net/af/20a4c3/00000000000000003b9aee52/27/
30 KB
30 KB
Font
General
Full URL
https://use.typekit.net/af/20a4c3/00000000000000003b9aee52/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mir8sij.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
926d935acb830c078ff0e478f409c3cd40540795c59a66e2b19e1eae0efe836d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/
Origin
https://www.protectnsfrontline.ca

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
server
nginx
etag
"7e32fd29c4f0f985d4ee9538f37b63b584c538a2"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
30904
widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame EE31
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fwww.protectnsfrontline.ca
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.protectnsfrontline.ca/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
559392
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Apr 2020 13:01:58 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Tue, 07 Apr 2020 20:47:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B4)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
sp.js
c.shpg.org/392/
26 KB
7 KB
Script
General
Full URL
https://c.shpg.org/392/sp.js
Requested by
Host: engage.newmode.net
URL: https://engage.newmode.net/embed/6624/18803.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3a4621eea5e188b694310b35a7296017d1d6398c39f63c90f780338e813561
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
6781
cf-polished
origSize=34926
status
200
content-encoding
br
cf-request-id
0243942c4b000016ee2f2ca200000001
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
max-age=1800
cf-ray
587f895a1de116ee-FRA
pym.v1.min.js
blog.apps.npr.org/pym.js/dist/
9 KB
3 KB
Script
General
Full URL
https://blog.apps.npr.org/pym.js/dist/pym.v1.min.js
Requested by
Host: engage.newmode.net
URL: https://engage.newmode.net/embed/6624/18803.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
03bee25d2013a8de98c79a4147ddac21fc1592ea
date
Wed, 22 Apr 2020 13:01:59 GMT
content-encoding
gzip
age
0
x-cache
HIT
status
200
content-length
2831
x-served-by
cache-hhn4032-HHN
access-control-allow-origin
*
last-modified
Fri, 15 Feb 2019 17:52:08 GMT
server
GitHub.com
x-github-request-id
3FEA:733A:19F960:20D92F:5E99BC8A
x-timer
S1587560519.948030,VS0,VE91
etag
W/"5c66fc48-234a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 17 Apr 2020 14:26:21 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
1
p.gif
p.typekit.net/
35 B
201 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=mir8sij&ht=tk&h=www.protectnsfrontline.ca&f=139.140.175.176.6907&a=362029&js=1.19.2&app=typekit&e=js&_=1587560518770
Requested by
Host: www.protectnsfrontline.ca
URL: https://www.protectnsfrontline.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://www.protectnsfrontline.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 13:01:58 GMT
last-modified
Thu, 07 Feb 2019 19:30:27 GMT
server
nginx
etag
"5c5c8753-23"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
35
expires
Fri, 16 Aug 2019 08:20:58 GMT
18803
engage.newmode.net/nm-letter/6624/ Frame 404B
0
0
Document
General
Full URL
https://engage.newmode.net/nm-letter/6624/18803?initialWidth=350&childId=newmode-embed-6624-18803&parentTitle=Protect%20NS%20Frontline%20Workers&parentUrl=https%3A%2F%2Fwww.protectnsfrontline.ca%2F
Requested by
Host: blog.apps.npr.org
URL: https://blog.apps.npr.org/pym.js/dist/pym.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:d400:6:848:5140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
engage.newmode.net
:scheme
https
:path
/nm-letter/6624/18803?initialWidth=350&childId=newmode-embed-6624-18803&parentTitle=Protect%20NS%20Frontline%20Workers&parentUrl=https%3A%2F%2Fwww.protectnsfrontline.ca%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.protectnsfrontline.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.protectnsfrontline.ca/

Response headers

status
200
content-type
text/html; charset=utf-8
date
Wed, 22 Apr 2020 13:01:59 GMT
set-cookie
AWSALB=pvOK4uuLao3Wd7gF1VVe+bKpK9VsLc4M+htm38C7bmduMc26ca1jfAWFY71WNFawkBrQCFKlR5Ey6+U7+fPtvuSxHb9LpPtUhW9c7egUk+AkKN5vF5OmAlnXNjtJ; Expires=Wed, 29 Apr 2020 13:01:59 GMT; Path=/ AWSALBCORS=pvOK4uuLao3Wd7gF1VVe+bKpK9VsLc4M+htm38C7bmduMc26ca1jfAWFY71WNFawkBrQCFKlR5Ey6+U7+fPtvuSxHb9LpPtUhW9c7egUk+AkKN5vF5OmAlnXNjtJ; Expires=Wed, 29 Apr 2020 13:01:59 GMT; Path=/; SameSite=None; Secure SSESS48a9de829d6e99069e9769e50b1ab5e2=yHTQCXZ2uME9Lpx1pnEOfE2_LxLspzQirYBZJk5N-p8; expires=Fri, 15-May-2020 16:35:19 GMT; Max-Age=2000000; path=/; domain=.engage.newmode.net; secure; HttpOnly
server
Apache/2.4.29 (Ubuntu)
x-drupal-cache
MISS
x-content-type-options
nosniff
content-language
en
x-generator
Drupal 7 (https://www.drupal.org)
link
<https://engage.newmode.net/nm-letter/6624/18803>; rel="canonical",<https://engage.newmode.net/nm-letter/6624/18803>; rel="shortlink"
cache-control
public, max-age=3600
expires
Sun, 19 Nov 1978 05:00:00 GMT
content-encoding
gzip
etag
"1587560519-1"
last-modified
Wed, 22 Apr 2020 13:01:59 GMT
vary
Cookie,Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
BKMXNIMbtFgo1lV59fM5G5GQaJ_JWOYPPH3b6NqSaxa9ebSvpFY7XA==

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| _sf_startpt object| NB string| _auth_token_name string| _auth_token function| tweetCharacterCounter function| $j function| $ function| jQuery function| _ object| twttr object| _gaq function| ES6Promise function| lodash function| MediaHandler object| media function| objectFitImages function| SimpleScrollbar function| BezierEasing function| printJS object| __twttrll object| __twttr object| _gat object| gaGlobal function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _defineProperties function| _createClass function| _instanceof function| _typeof function| _classCallCheck function| _possibleConstructorReturn function| _assertThisInitialized function| _inherits function| _wrapNativeSuper function| isNativeReflectConstruct function| _construct function| _isNativeFunction function| _setPrototypeOf function| _getPrototypeOf function| NavError function| Nav function| twShareCustom function| fbShare function| lShare function| eShare function| getNumber function| numberWithCommas function| getParameterByName function| is_all_ws object| flashContainer object| flashObserver function| fbAsyncInit object| GeoMap object| TinyMCERails object| tinymce number| mce-data-1e6gvm4g9 object| tinyMCE function| Popper object| bootstrap object| bsCustomFileInput object| gapi object| ___jsl object| FB object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| locals function| autocomplete object| Typekit object| libringEventAPI function| embedly string| $p_url string| $p_cached_url number| $p_org_id boolean| $p_session_only boolean| $p_supports_do_not_track number| $p_fb_app_id string| $p_fb_app_domain object| $p_source_param function| get_link_param function| strTrim object| SharePop object| pym boolean| isReady object| request object| preset_pages

7 Cookies

Domain/Path Name / Value
.newmode.net/ Name: _dc_gtm_UA-1-1
Value: 1
.newmode.net/ Name: _dc_gtm_UA-62738104-2
Value: 1
.newmode.net/ Name: _gid
Value: GA1.2.2008603611.1587560521
engage.newmode.net/ Name: AWSALBCORS
Value: FvTEEvv/Tz1rQWWk/M6E5eI1d5v9gM10f3R6FjcGFD+4Hpz47Eh2p89O0/xuUOB1kdM9YWJpovgMDi8dLruRQ7nusSovpjKINZelAzmvDr/3phvmLvcysZPSRRhk
engage.newmode.net/ Name: AWSALB
Value: FvTEEvv/Tz1rQWWk/M6E5eI1d5v9gM10f3R6FjcGFD+4Hpz47Eh2p89O0/xuUOB1kdM9YWJpovgMDi8dLruRQ7nusSovpjKINZelAzmvDr/3phvmLvcysZPSRRhk
.newmode.net/ Name: _ga
Value: GA1.2.1481288062.1587560521
engage.newmode.net/ Name: has_js
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
blog.apps.npr.org
c.shpg.org
cdn.embedly.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
d3n8a8pro7vhmx.cloudfront.net
engage.newmode.net
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
platform.twitter.com
polyfill.io
printjs-4de6.kxcdn.com
protectnsfrontline.ca
ssl.google-analytics.com
unifortheunion.nationbuilder.com
use.fontawesome.com
use.typekit.net
www.facebook.com
www.protectnsfrontline.ca
104.16.90.50
13.225.78.54
185.199.110.153
2.16.110.50
23.111.9.35
23.60.16.13
2600:9000:21f3:d400:6:848:5140:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:ebd
2606:4700::6810:5714
2606:4700::6810:85e5
2a00:1450:4001:806::200a
2a00:1450:4001:809::2008
2a00:1450:4001:816::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::621
2a0b:4d07:101::1
95.100.67.47
96.45.83.119
0015c5b41a2ac22883833accf1e65adc711250af40cc196c75fe181d0f1359fa
004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05f9519d4187eccfe41c01ac0f4c90aaa757feb1d511170646395db66787bbb2
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b04e61b106f9e360f7d5a5b59c9a23d3624f5e7a8766da1575b24c42d4c61ff
0c763d7a97b77a30e3a372b33399781df13057447b31f4a8434018ca0425e84d
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
172ca9c5b313dd7d5233ad1d6259af6010693566d8cf7eefb3ca98d246c3f588
188cd1458b5b5d6cd096904983984f2721bb8ea7eada3c7d9e85b7a14bdc0f41
1bf3d7d14fcb0ef6eb6f55fc3a7461c6a789aaa3ef416a9498bcb6cd308c9a7d
1fda1c84c9a5dcb87a144fca2935057f0da10fb9b173d73ca57a2a7c8b28e599
2752aa19835e890dc1e6b573400160708812035495898599c651fe0947280674
2bc473e85a3b5bff756778e9d7b5e81604aa7d42207eb1d213e7b1a260c81dd8
2eab24b5907bc9ff5a98c9a39d0f098e0320331d520cd713780dc156f58e6545
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
415082a70379afc2a16d2c4bbeada372ab27f1f24682d7d4a59fff2a9ced5ad8
41c0e9e5eb8e3a2d8cd78c9adbcd7bcf74aae206d992c4e5358d0b6e519e4c06
4a3a4621eea5e188b694310b35a7296017d1d6398c39f63c90f780338e813561
4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526
53b47fc5f0abd8bc8d67691d22a79125a46b2c20710da86aaf78ced00aae9b59
5722e11cdfc0d21fb2aa542cc69548406240ea7f94e8711c3ddb81a5ce5fb01f
579390170916a0b125c2b8a710dc755eb835074a634b28bcf6aa060b04d31237
57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761
5933ca9aee7cce19e2f42b12d7b23307ff8b192c7ce5c5b3b38a448deb6d3409
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6
7428e3698198ebca285e286986c3a018a646df25cc27d78b305986197446dc5b
7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
926d935acb830c078ff0e478f409c3cd40540795c59a66e2b19e1eae0efe836d
96cc638ee9da14c8c758c5a22825cfe017fc0f3ea370b00357b9a3cfe6239c03
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a2c5de2dc3fdcedf7bfff778212a499b4db24d95e0d106446476ee9ab08f8300
a2f6fec90f9b0079aad59d497fa75796162208996aa12a56b65ad4dc2cb07053
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ada2b394e1af51a0fdf9f541098832cb60301321f635b9417507bad9bc560cec
b396bc3060f564adea925490b471c07416e93b1b775c274c77cfd4ae8f225ba0
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
bf948f638246715e7ac5fd2f67b64321268d8d4440e187f2d26a33a0805de17d
cf37b78fd604e647f57bec664ab832197cdee0e87ed3c16bb8ae3f428c9554a8
d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5
d6831db8fb2725c2a6edee1f56ed4b6e7dea0a3e97da406651669329390d4a14
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
e0a24230c2b3cf2299008e9ceae2df5931b6658035c5ea34baebc52941b65afa
e51464cf9d6af308f7ab7479b3e294255d6bff7cff5e4700263cc6637f51b417
e828f7d44c2d496bb45026042f9061d0f5d2cc265239693c24336f6b9c14b087
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54
fb5633da5a282eb1f18ad0fdc3bc1e4b0f500e7f651c2f44b4d3c12b74b799ac