urlscan.io logo urlscan.io
SecurityTrails logo

www.leafythings.com Open in urlscan Pro
52.60.153.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cbc-ca-news24.tumblr.com/
Effective URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Submission: On April 01 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 56 HTTP transactions. The main IP is 52.60.153.228, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is www.leafythings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 22nd 2020. Valid for: 2 years.
This is the only time www.leafythings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    74.114.154.18 (Ashburn, United States)

ASN2635 (AUTOMATTIC, US)
cbc-ca-news24.tumblr.com
8    192.0.77.40 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
assets.tumblr.com
static.tumblr.com
10    52.60.153.228 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
www.leafythings.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
17    2600:9000:21f3:3600:1b:ab56:eac0:21 (United States)

ASN16509 (AMAZON-02, US)
dz8osaahf9pd7.cloudfront.net
1    184.25.114.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-114-180.deploy.static.akamaitechnologies.com
i.cbc.ca
5    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
17 dz8osaahf9pd7.cloudfront.net www.leafythings.com
10 www.leafythings.com cbc-ca-news24.tumblr.com
www.leafythings.com
6 assets.tumblr.com cbc-ca-news24.tumblr.com
5 www.gstatic.com www.google.com
5 www.google.com www.leafythings.com
www.gstatic.com
www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net www.leafythings.com
connect.facebook.net
2 static.tumblr.com cbc-ca-news24.tumblr.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com www.leafythings.com
1 i.cbc.ca www.leafythings.com
1 www.googletagmanager.com www.leafythings.com
1 cbc-ca-news24.tumblr.com
56 14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
apps.apple.com
play.google.com
Subject Issuer Validity Valid
*.tumblr.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-26 -
2022-06-28		 2 years crt.sh
tumblr.com
DigiCert SHA2 Extended Validation Server CA		 2020-07-09 -
2022-04-14		 2 years crt.sh
leafythings.com
Go Daddy Secure Certificate Authority - G2		 2020-02-22 -
2022-02-22		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
secure.cbc.ca
GeoTrust RSA CA 2018		 2021-02-24 -
2021-04-28		 2 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Frame ID: B0DBC0AC5EA1B1476C1E416C2169AD12
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
Frame ID: 2D1085099ED658A232B28CEDDE576D56
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=yojlf1irlgb1
Frame ID: 50AF36C5B59469E2E2A148F91A71DABD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cbc-ca-news24.tumblr.com/ HTTP 307
    https://cbc-ca-news24.tumblr.com/ Page URL
  2. https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexua... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

56
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

14
IPs

4
Countries

2028 kB
Transfer

4442 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cbc-ca-news24.tumblr.com/ HTTP 307
    https://cbc-ca-news24.tumblr.com/ Page URL
  2. https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cbc-ca-news24.tumblr.com/ HTTP 307
  • https://cbc-ca-news24.tumblr.com/

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cbc-ca-news24.tumblr.com/
Redirect Chain
  • http://cbc-ca-news24.tumblr.com/
  • https://cbc-ca-news24.tumblr.com/
32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
74.114.154.18 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
openresty /
Resource Hash
fbd77018cf0a600b6f88155c69c27c4527e20fb8dd10ddcf9f388e57084fcfe7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cbc-ca-news24.tumblr.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Thu, 01 Apr 2021 04:34:12 GMT
content-type
text/html; charset=UTF-8
content-length
8488
x-rid
f2965bdd0224a5f8d6c99e540fd54991
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=15552001
content-security-policy
upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
x-tumblr-user
cbc-ca-news24
x-tumblr-pixel-0
https://px.srvcs.tumblr.com/impixu?T=1617251652&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2NiYy1jYS1uZXdzMjQudHVtYmxyLmNvbS8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6Ii8ifQ==&U=ADDEOIHEJD&K=e0a9f0267ab391f0a1e7a199052019ab1d2842014cefc57481e9fe5e936c8269
x-tumblr-pixel
1
link
<https://assets.tumblr.com/images/default_avatar/cone_open_128.png>; rel=icon
set-cookie
pfg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tumblr.com; secure; HttpOnly
x-ua-compatible
IE=Edge,chrome=1
content-encoding
br
x-ua-device
desktop
vary
X-UA-Device, Accept, Accept-Encoding
accept-ranges
bytes

Redirect headers

Location
https://cbc-ca-news24.tumblr.com/
Non-Authoritative-Reason
HSTS
pre_tumblelog.js
assets.tumblr.com/assets/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
content-encoding
br
last-modified
Wed, 21 Oct 2020 05:06:35 GMT
server
nginx
etag
W/"5f8fc1db-c3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.build.css
assets.tumblr.com/client/prod/standalone/blog-network-npf/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=a6c4ad40cdc663ad83f8a1bbc8aeedc6
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
c8a7d71935396f7d4e73146f7318d1567e1a6657e4df196f1702be190c841141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
content-encoding
br
last-modified
Mon, 04 Jan 2021 22:59:53 GMT
server
nginx
etag
W/"5ff39de9-25fe"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-min.css
static.tumblr.com/ryx1vdv/Pzbqkttjt/ 		76 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/ryx1vdv/Pzbqkttjt/main-min.css
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
last-modified
Fri, 04 Dec 2020 17:50:19 GMT
server
nginx
etag
"773377310635180afc063610cb5529c5"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
77549
tumblelog_post_message_queue.js
assets.tumblr.com/assets/scripts/ 		355 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
content-encoding
br
last-modified
Sun, 01 Nov 2020 05:00:47 GMT
server
nginx
etag
W/"5f9e40ff-163"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
stylesheet.css
assets.tumblr.com/fonts/gibson/ 		2 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
content-encoding
br
last-modified
Wed, 21 Oct 2020 05:06:35 GMT
server
nginx
etag
W/"5f8fc1db-97e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cone_open_128.png
assets.tumblr.com/images/default_avatar/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.tumblr.com/images/default_avatar/cone_open_128.png
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
last-modified
Sun, 01 Nov 2020 05:26:35 GMT
server
nginx
etag
"5f9e470b-e7d"
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
content-length
3709
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-min.js
static.tumblr.com/ryx1vdv/lXRqktt8c/ 		126 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/ryx1vdv/lXRqktt8c/main-min.js
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
last-modified
Fri, 04 Dec 2020 17:43:25 GMT
server
nginx
etag
"ebda9540b43f5379c2699e275a836f63"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
129134
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/ 		698 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=f3fb5dbb23253ba13bb13591156de3e0
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://cbc-ca-news24.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 04:34:13 GMT
content-encoding
br
last-modified
Thu, 11 Mar 2021 21:12:23 GMT
server
nginx
etag
W/"604a87b7-ae8a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request Cookie set federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
www.leafythings.com/blog/ 		88 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Requested by
Host: cbc-ca-news24.tumblr.com
URL: https://cbc-ca-news24.tumblr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
a0f8fd5b5573a67105432560b0a87c614d524ebd4dd692a51924831291268a2f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.leafythings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://cbc-ca-news24.tumblr.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cbc-ca-news24.tumblr.com/

Response headers

Date
Thu, 01 Apr 2021 04:34:13 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
Cache-Control
no-cache, private max-age=0, no-cache, s-maxage=10
X-RateLimit-Limit
30
X-RateLimit-Remaining
29
Set-Cookie
XSRF-TOKEN=eyJpdiI6IndcL2h0Tmx5bGRXdTl5eVZsVzlPd1wvUT09IiwidmFsdWUiOiJvMkZqcyt0eHRkNWN5d253b21QSFdDWnNaR3d6ZnhBMXVpY05wXC94Smd5ZGpcL0pkZGFIU0Q5TUM3cWFZTTZJVGcwbWVldUF3RE9ZT2hTVWlWeEpESklYKzc2RkZET3pIOHQweWhiVWl5Q2xGS0tKbFBIcElSQUlYZXVEdU9XeE9cLyIsIm1hYyI6IjcyNWFhYTJhMDRiYjJiZjMxODRmNTU1NmJiNGNmYWIwOWFiNDEzZjQyZmVjMjIyNTdkMjE1Y2UzOGVjZjAwZjMifQ%3D%3D; expires=Thu, 01-Apr-2021 06:34:14 GMT; Max-Age=7200; path=/ leafythings_session=eyJpdiI6ImJpU1NVYXFpMzM1NmplZGhlNzhNU0E9PSIsInZhbHVlIjoiMFRsM1JsYUhLakhKVUJYY2xqYTZ4TjJKNXB3YmFYSDlmWHF2VU1id1ZVQ2ZNbCttUzVGVlZYXC9ENUlkTEtvQWhVV1dVa1NTZk9hU1o4b0g1Rkk2anVEMksySFRuZG9XZXc2K1ArXC9ZVFptMk9UbENZTVVCRHFYdVdJZ1FhUTMxUyIsIm1hYyI6Ijk2MDQ4OTU3ODM4ODE4OTZlMzhlZWI3MGRlYmI5NWM5YWI0NzRiMjA3ODU2ZGZhYzkwZTU5NzIyNzZmYTE5YTEifQ%3D%3D; expires=Thu, 01-Apr-2021 06:34:14 GMT; Max-Age=7200; path=/; httponly
X-Frame-Options
SAMEORIGIN
X-Mod-Pagespeed
1.13.35.2-0
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
12807
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
app.css
www.leafythings.com/css/ 		151 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/css/app.css?id=9552fe2794e35451dc9d
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
01cad88d9f6f5a2859e20ef10e693ae43fcc09b20dc0dcc39aac8d7b2a6720a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 04:34:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 30 Mar 2021 10:16:06 GMT
Server
Apache
ETag
"25ac2-5bebe494d0d9e-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
24999
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153651009-1
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df0905d49441dc565428e1360a92a0621330bb49745afa342921d017084a1c74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 04:34:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39083
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Apr 2021 04:34:14 GMT
Logo_SuiteForestGreen.png
dz8osaahf9pd7.cloudfront.net/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/Logo_SuiteForestGreen.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d44204bbe591689e3e0226a948618e0e3224cc7f47d0a79916b5dc3a6a64963

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 08:46:20 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
1280874
x-amzn-requestid
0620d589-79ee-4ebc-90f4-abc0f07f8c42
x-cache
Hit from cloudfront
x-amz-apigw-id
cUs6VH6_oAMF06g=
content-length
5512
last-modified
Tue, 10 Nov 2020 15:12:46 GMT
x-amzn-trace-id
Root=1-6051c1db-216a18a85efd9fc34fef124e;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
eJC3-QzBEE7q9vvvkfBNZn5RU-Wssj062o_IF48QguksDV7b3gnlTw==
89.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/storage/images/blog/primary/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/storage/images/blog/primary/89.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e4d5e80358f5a15b62b7e4418205d2e38efa5ffc5c3d5990c5a2878228014dff

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:45:57 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
60497
x-amzn-requestid
5e8acc99-a8cd-4b30-a8d5-14f78c26cdcd
x-cache
Hit from cloudfront
x-amz-apigw-id
dDQWSGhfIAMF4zg=
content-length
57354
last-modified
Wed, 31 Mar 2021 11:45:48 GMT
x-amzn-trace-id
Root=1-606460f4-3dfd3f3a00341b1b7b8e1743;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
cY6BmSq9Wn8oo2FuR3pDen5G7nkGCCUOU3I4SmIqhpqybNgEBWiCVA==
sylvie-corriveau.jpg
i.cbc.ca/1.4983753.1547830258!/fileImage/httpImage/image.jpg_gen/derivatives/original_780/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cbc.ca/1.4983753.1547830258!/fileImage/httpImage/image.jpg_gen/derivatives/original_780/sylvie-corriveau.jpg
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-180.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
695122ebf0b1cfbecb240ef10bc494923127cd381ddcd3805a038bea0bff52a3

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 04:34:14 GMT
cache-control
no-transform, max-age=43200
last-modified
Thu, 19 Nov 2020 15:56:31 GMT
server
Akamai Image Manager
content-type
image/webp
content-length
55336
expires
Thu, 01 Apr 2021 16:34:14 GMT
95.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/95.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0024445b4719a6d3bdc7b2a025eb02fc2a2a5fb92a4d3b1b19a0ecfd7808c125

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:59:04 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
59710
x-amzn-requestid
5b7804a5-b421-48b9-9eaf-9dcc4d642bf8
x-cache
Hit from cloudfront
x-amz-apigw-id
dDSROHsJIAMFrLA=
content-length
15896
last-modified
Wed, 31 Mar 2021 11:55:38 GMT
x-amzn-trace-id
Root=1-60646407-7cbbac755a0e0d062a4114e3;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
JIbeALYqdm7rMF6AAyxlnxhsIV09aARTNrhPBiYtjkIH--ywuF18wA==
93.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/93.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5bfe39932d2fd1b3cb67ff75d7cb31370681ec5e3b569ba88667be107b2f0b59

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:55:45 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
59909
x-amzn-requestid
56e99c65-a2c4-4464-9586-f1777a4d61ee
x-cache
Hit from cloudfront
x-amz-apigw-id
dDRyJEAXIAMFcPg=
content-length
9254
last-modified
Wed, 31 Mar 2021 11:53:28 GMT
x-amzn-trace-id
Root=1-60646340-7ad01ee737586af536e7f6fb;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
40_agXh-HZwivjAaH0wSMgvyvqt9wTip1018h01r3udGsimPuxE47A==
92.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/92.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
31f8e263f3521b98cbe9788c2d01a5b1385844845bded036392be4947c490725

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:53:35 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
60039
x-amzn-requestid
eee8a5a7-af38-443c-a1d4-d245c1edc785
x-cache
Hit from cloudfront
x-amz-apigw-id
dDRd1H2ZoAMFhUw=
content-length
10270
last-modified
Wed, 31 Mar 2021 11:52:16 GMT
x-amzn-trace-id
Root=1-606462be-5ee3b2f05532610b6dcfa8c4;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
q8D1VDug4T4_tQcm8dI507NKar6pXGZpRZ4McbnF4tmm66E8rAZD2A==
91.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/91.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b17c1013c7bef3f7649bb4717ae714605df8d2bbb02aee9cf8760026d5ec49c

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:52:23 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
60111
x-amzn-requestid
c1cec2f3-f3b8-43b6-be63-45fcbc832a69
x-cache
Hit from cloudfront
x-amz-apigw-id
dDRSnEIRIAMFskg=
content-length
17452
last-modified
Wed, 31 Mar 2021 11:49:43 GMT
x-amzn-trace-id
Root=1-60646277-3219fcda277299344ea5e569;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
SncoqhlO0a0EzlX91axARsta2hRpXDnItRMiAdKk6tH94WwWvH6jNg==
90.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/90.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f29da3e58cf64058ba08753f246d5135caa74ac8ae05f089ac1b2bc050ea84a2

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:49:54 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
60260
x-amzn-requestid
5e1e19c9-e699-448e-8843-f08e9b0ae0ac
x-cache
Hit from cloudfront
x-amz-apigw-id
dDQ7RFL_IAMFuDQ=
content-length
4638
last-modified
Wed, 31 Mar 2021 11:47:23 GMT
x-amzn-trace-id
Root=1-606461e1-4353d8bf3aa1daab1e0bf32e;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
OW6lDThHwY5VdBqocvbJeJeClERYR7R1pIxHlrUSAAxCOMbu105HFw==
88.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/88.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
afcba8832a607ce3bf9d0d7fe0169f883543ef4b44a72d27329591b16cb4546c

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:45:57 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
60497
x-amzn-requestid
041fd037-9db5-4548-8b8f-8af0b95973ef
x-cache
Hit from cloudfront
x-amz-apigw-id
dDQWUG-OIAMF5EA=
content-length
6494
last-modified
Wed, 31 Mar 2021 11:44:31 GMT
x-amzn-trace-id
Root=1-606460f5-373d4fa910cd8cfa11771e5b;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
F1QAwG-p53z5GMD8QoVIexF7CMdNRulPOde1oOZ72DJQ_3fkLn0kfw==
Screenshot_88.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/Screenshot_88.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7ae994006322dce2159402897b6ad80bf2d23d41bcc02ea7525a2b5966d320f7

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:41:28 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
60766
x-amzn-requestid
f62e4ce7-b9d4-428e-9b46-35f1c4510485
x-cache
Hit from cloudfront
x-amz-apigw-id
dDPsQGn2IAMFQbA=
content-length
11364
last-modified
Wed, 31 Mar 2021 11:37:42 GMT
x-amzn-trace-id
Root=1-60645fe7-0ad025f66c35bffc68daab11;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
dat1lo87xw4Mdn-_U2hehfKy0jAAmQCLYJKQSMm8xXyUWKkxwE7I4w==
87.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/87.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b3bdcf7893569fcd8283032c2bba2528dd0be1e0eadaa6c43d8b90dfa9a4b80a

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:37:54 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
60980
x-amzn-requestid
1ab5a934-cf76-43f7-a306-6e193b4b7bab
x-cache
Hit from cloudfront
x-amz-apigw-id
dDPK0FbzIAMF1NQ=
content-length
6092
last-modified
Wed, 31 Mar 2021 11:35:55 GMT
x-amzn-trace-id
Root=1-60645f11-44cc86da383c8b181bf81bf6;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
bDIBSaBESNtOhx-KG9kPGdmpAKLTBu6z_aLgEKkwQP9Hov1nSoGc-g==
86.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/86.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ee6300a908f77c88f3e02c183bf9565ad4b50f31885441a703111caf0f9ba9c6

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:36:09 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
61085
x-amzn-requestid
1c669d47-d726-4d03-8f35-46628e8dbd22
x-cache
Hit from cloudfront
x-amz-apigw-id
dDO6WHOEIAMFajA=
content-length
9170
last-modified
Wed, 31 Mar 2021 11:34:56 GMT
x-amzn-trace-id
Root=1-60645ea8-1cadeac036697eac35ac1eb9;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
SSPJ55vQ0wEgNjoT2UC70nynCf4WTn1GrLaJx6jQV0fVOV-ybnFJYA==
85.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/85.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1c168733c62a93c81a834ed1d7f538e99c2e5e96278d975cdce64e8a2eb6bdb

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:35:04 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
61150
x-amzn-requestid
f886ae57-6af7-4299-ae99-ca63639d2bbb
x-cache
Hit from cloudfront
x-amz-apigw-id
dDOwQGnVIAMFSww=
content-length
12368
last-modified
Wed, 31 Mar 2021 11:33:52 GMT
x-amzn-trace-id
Root=1-60645e67-2251ef776ed73df6139d8357;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
kjHISUo0aHB2eS4zcBRqcXxKIpEXWPTDMdu5YVXzdU5ONm_N2IWepw==
emailIcon.png
dz8osaahf9pd7.cloudfront.net/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/emailIcon.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dd66790b560c209e8728695755cb004a2b9718ef3547f7503f78dbd993536d0b

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 07:22:17 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
4223517
x-amzn-requestid
250f3283-e860-4636-a37f-83c213870d6c
x-cache
Hit from cloudfront
x-amz-apigw-id
akcucE0hIAMFRKA=
content-length
2130
last-modified
Tue, 10 Nov 2020 17:01:07 GMT
x-amzn-trace-id
Root=1-6024db29-73769dc75cd415c74230440b;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
miTomnGHYTRBVkwKYTXg579ZADbr1Jp0YtOUlbA8jXKm6RSqIaCGgg==
FbIcon.png
dz8osaahf9pd7.cloudfront.net/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/FbIcon.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eb896fc2ebd419ffd56371d1e861b60a9f4b43a9a8787a5ba177d15a85f68110

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 00:02:42 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
4422692
x-amzn-requestid
39eb140a-b0d5-4640-8c83-4a0a4c8554ed
x-cache
Hit from cloudfront
x-amz-apigw-id
ac2dTEx1oAMFSDQ=
content-length
18668
last-modified
Tue, 10 Nov 2020 17:01:07 GMT
x-amzn-trace-id
Root=1-6021d121-17ab60365ae6c807329c2643;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
RNbcd8js9RepTbxuG5ixhkUUJAGr3YOc2gujcvk5cxSQGapMuAGw4Q==
InstaIcon.png
dz8osaahf9pd7.cloudfront.net/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/InstaIcon.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9c94441f7144c585500c71f4a1487b4f0afdb080ae0563cdc5c953a2a4d6cc47

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Feb 2021 10:29:13 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
4644301
x-amzn-requestid
97811d9a-41af-47d4-ae17-383487c9b5a2
x-cache
Hit from cloudfront
x-amz-apigw-id
aUZaoFWyIAMFvRg=
content-length
13627
last-modified
Tue, 10 Nov 2020 17:01:07 GMT
x-amzn-trace-id
Root=1-601e6f77-40e4892b4107814577f332b4;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
WD09li-QRKQSE4DtSi8M5lmsoF8BTfDDrj0RBG5l4LhtQVdSqnvMTg==
apple_store_badge2.png
dz8osaahf9pd7.cloudfront.net/images/assets/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/assets/apple_store_badge2.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de2e5b40fee871756364795172ebb15a9db29d19e65db92944c50367fbffe8d0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 07:22:17 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
4223517
x-amzn-requestid
e0769a91-ed65-4b2d-bbea-cfc36bfc5ded
x-cache
Hit from cloudfront
x-amz-apigw-id
akcuYGwDIAMF2Ug=
content-length
13218
last-modified
Tue, 15 Dec 2020 17:46:29 GMT
x-amzn-trace-id
Root=1-6024db28-667222833d3e746f00d9240c;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
UHWqyLrz3XU93r9vCVk2mn5OFXxZjGJQlAfxl1nhvUA_iyarz27zHg==
google_store_badge2.png
dz8osaahf9pd7.cloudfront.net/images/assets/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/assets/google_store_badge2.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cdb40a6bf43fb2a4839ef9e53706a0fa1f72ea0b85200cb3487900fc2eb8d11f

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 13:42:37 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age
5323897
x-amzn-requestid
42860233-d4c3-4592-876b-1da30441acec
x-cache
Hit from cloudfront
x-amz-apigw-id
Z6eQHE6UIAMFUJw=
content-length
19053
last-modified
Tue, 15 Dec 2020 17:44:11 GMT
x-amzn-trace-id
Root=1-601410cd-6aee917424ba947b590d6d97;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
OEb5_4XR9S5omSM9khkyjhbkq-UW73DD2kGCtofEFy8-uBOY5Cm7pw==
app.js
www.leafythings.com/js/ 		1 MB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/js/app.js?id=e719a11905fd5d07e795
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4521bfbf7dbf68ed30d7cafdc4801cc5c975d5580abb116aeb4bc10a8ce9371a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 04:34:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 30 Mar 2021 10:16:06 GMT
Server
Apache
ETag
"10c13e-5bebe494d0d9e-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
api.js
www.google.com/recaptcha/ 		850 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 04:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Thu, 01 Apr 2021 04:34:14 GMT
css
fonts.googleapis.com/ 		2 KB
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:500,700&display=swap
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/css/app.css?id=9552fe2794e35451dc9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72651cc2f523cfee728144c35e3b98acad4d8235ea5a4e7832839509ad29b0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 04:27:59 GMT
server
ESF
date
Thu, 01 Apr 2021 04:34:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Apr 2021 04:34:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
Kp2zCBTJlhOpbAeAaJR4hSXswf1Ch08nxIoZMVkuFSAxPaTKX1fnH1DIV9o2xUSJnTstg0njnpCir+el9/nwJg==
x-fb-trip-id
1425083115
x-frame-options
DENY
date
Thu, 01 Apr 2021 04:34:14 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.leafythings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 04:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
age
518380
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Sat, 26 Mar 2022 04:34:34 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.leafythings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 12:31:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
age
144167
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Wed, 30 Mar 2022 12:31:27 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153651009-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
1147
date
Thu, 01 Apr 2021 04:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 01 Apr 2021 06:15:07 GMT
456830754970325
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/456830754970325?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
424cc02859880bd7645acf39a6285b89db0c4aba056614ffe52ad70ab49632c3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
yyumiQAH7D3JLjbLP6S0Fco71cbtXNZ2XZ0qNLl3R71UvFCEq9ksU6TyRC7bYXNiQ4NcBruvo1ZHB8NVCqyncw==
x-fb-trip-id
1425083115
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 01 Apr 2021 04:34:14 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=2039056496&t=pageview&_s=1&dl=https%3A%2F%2Fwww.leafythings.com%2Fblog%2Ffederal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits&dr=https%3A%2F%2Fcbc-ca-news24.tumblr.com%2F&ul=en-us&de=UTF-8&dt=Federal%20Court%20approves%20class-action%20lawsuit%20claiming%20RCMP%20doctors%20sexually%20assaulted%20recruits%20%7C%20Leafythings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=819737353&gjid=1437024825&cid=12745016.1617251655&tid=UA-153651009-1&_gid=1105265266.1617251655&_r=1&gtm=2ou3o0&z=1420525234
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 04:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leafythings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-153651009-1&cid=12745016.1617251655&jid=819737353&gjid=1437024825&_gid=1105265266.1617251655&_u=IEBAAUAAAAAAAC~&z=933220261
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 01 Apr 2021 04:34:14 GMT
content-type
text/plain
access-control-allow-origin
https://www.leafythings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
comments
www.leafythings.com/blog/BLG:b29f11dd-0052-4593-bfd2-6b8f5da0b608/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/blog/BLG:b29f11dd-0052-4593-bfd2-6b8f5da0b608/comments
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/js/app.js?id=e719a11905fd5d07e795
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
X-XSRF-TOKEN
eyJpdiI6IndcL2h0Tmx5bGRXdTl5eVZsVzlPd1wvUT09IiwidmFsdWUiOiJvMkZqcyt0eHRkNWN5d253b21QSFdDWnNaR3d6ZnhBMXVpY05wXC94Smd5ZGpcL0pkZGFIU0Q5TUM3cWFZTTZJVGcwbWVldUF3RE9ZT2hTVWlWeEpESklYKzc2RkZET3pIOHQweWhiVWl5Q2xGS0tKbFBIcElSQUlYZXVEdU9XeE9cLyIsIm1hYyI6IjcyNWFhYTJhMDRiYjJiZjMxODRmNTU1NmJiNGNmYWIwOWFiNDEzZjQyZmVjMjIyNTdkMjE1Y2UzOGVjZjAwZjMifQ==
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 04:34:15 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
X-RateLimit-Remaining
27
Cache-Control
no-cache, private, s-maxage=10
Transfer-Encoding
chunked
X-RateLimit-Limit
30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
comments
www.leafythings.com/blog/BLG:b29f11dd-0052-4593-bfd2-6b8f5da0b608/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/blog/BLG:b29f11dd-0052-4593-bfd2-6b8f5da0b608/comments
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/js/app.js?id=e719a11905fd5d07e795
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
X-XSRF-TOKEN
eyJpdiI6IndcL2h0Tmx5bGRXdTl5eVZsVzlPd1wvUT09IiwidmFsdWUiOiJvMkZqcyt0eHRkNWN5d253b21QSFdDWnNaR3d6ZnhBMXVpY05wXC94Smd5ZGpcL0pkZGFIU0Q5TUM3cWFZTTZJVGcwbWVldUF3RE9ZT2hTVWlWeEpESklYKzc2RkZET3pIOHQweWhiVWl5Q2xGS0tKbFBIcElSQUlYZXVEdU9XeE9cLyIsIm1hYyI6IjcyNWFhYTJhMDRiYjJiZjMxODRmNTU1NmJiNGNmYWIwOWFiNDEzZjQyZmVjMjIyNTdkMjE1Y2UzOGVjZjAwZjMifQ==
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 04:34:15 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
X-RateLimit-Remaining
27
Cache-Control
no-cache, private, s-maxage=10
Transfer-Encoding
chunked
X-RateLimit-Limit
30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ 		332 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.leafythings.com
Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 00:25:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
age
14935
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340168
x-xss-protection
0
expires
Fri, 01 Apr 2022 00:25:20 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2D10 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f868160455e4afc0e498acf99001497d39bc485ba2cb359483796ba0a83a7f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OnsyTlctcAdw/BtTgp+gDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.leafythings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.leafythings.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 01 Apr 2021 04:34:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-OnsyTlctcAdw/BtTgp+gDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11152
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 2D10 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
age
54851
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Thu, 31 Mar 2022 13:20:04 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 2D10 		332 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 22:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20093
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132755
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 22:59:22 GMT
X8unmHfEQ3F5n2RsHjGpzlShR0zqBlJO5Q_PtwQUnPI.js
www.google.com/js/bg/ Frame 2D10 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/X8unmHfEQ3F5n2RsHjGpzlShR0zqBlJO5Q_PtwQUnPI.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fcba79877c44371799f646c1e31a9ce54a1474cea06524ee50fcfb704149cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 13:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:00:00 GMT
server
sffe
age
487037
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5716
x-xss-protection
0
expires
Sat, 26 Mar 2022 13:16:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 2D10 		102 B
240 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5mNs27FP3uLBP3KBPib88r1g
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=vjw3rfn38wyt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 04:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 01 Apr 2021 04:34:15 GMT
bframe
www.google.com/recaptcha/api2/ Frame 50AF 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=yojlf1irlgb1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bdd975f48c37ec68165940f5d358e6c34ce326cb03f8767d5a5b12431e18acbd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mOexpmJuZ+ROtnWu/9RgIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=yojlf1irlgb1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.leafythings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.leafythings.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 01 Apr 2021 04:34:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-mOexpmJuZ+ROtnWu/9RgIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 50AF 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=yojlf1irlgb1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
age
54851
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Thu, 31 Mar 2022 13:20:04 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 50AF 		332 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=yojlf1irlgb1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 22:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20093
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132755
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 22:59:22 GMT
line-awesome.min.css
www.leafythings.com/vendor/line-awesome/css/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 04:34:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Original-Content-Length
89729
Connection
Keep-Alive
Content-Length
15901
Last-Modified
Tue, 30 Mar 2021 10:16:06 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"15e81-5bebe494d9a3c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
s-maxage=10
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Thu, 01 Apr 2021 04:39:12 GMT
mod_pagespeed_beacon
www.leafythings.com/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.leafythings.com%2Fblog%2Ffederal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 01 Apr 2021 04:34:15 GMT
Cache-Control
max-age=0, no-cache
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
X-Frame-Options
SAMEORIGIN
auth
www.leafythings.com/broadcasting/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/broadcasting/auth
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/js/app.js?id=e719a11905fd5d07e795
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
3e4134c9a95dad2228d15c9dc9179f5b121a5c3d736572b0a507883a699287c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/federal-court-approves-class-action-lawsuit-claiming-rcmp-doctors-sexually-assaulted-recruits
X-CSRF-TOKEN
YtafFjABhDDrZz6uR2cdOqv7lnrWSaM7sacwsry6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 01 Apr 2021 04:34:15 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
la-solid-900.woff2
www.leafythings.com/vendor/line-awesome/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/vendor/line-awesome/fonts/la-solid-900.woff2
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.leafythings.com
Referer
https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 04:34:15 GMT
Last-Modified
Tue, 30 Mar 2021 10:16:06 GMT
Server
Apache
ETag
"179f0-5bebe494da9dc"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
96752
la-brands-400.woff2
www.leafythings.com/vendor/line-awesome/fonts/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/vendor/line-awesome/fonts/la-brands-400.woff2
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.leafythings.com
Referer
https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 04:34:15 GMT
Last-Modified
Tue, 30 Mar 2021 10:16:06 GMT
Server
Apache
ETag
"14b24-5bebe494d9a3c"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
84772

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| fbq function| _fbq function| gtag object| dataLayer object| pagespeed object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate function| Hammer function| _ function| Popper function| jQuery function| $ function| axios function| Pusher object| Echo function| Vue object| SocialSharing object| FontAwesomeConfig object| ___FONT_AWESOME___ object| swiperOptions function| setGoBack function| loadAsyncStyleSheets object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_716675

5 Cookies

Domain/Path Name / Value
www.leafythings.com/ Name: leafythings_session
Value: eyJpdiI6IlEzdEJhWFZ0a0lHdE1JNlpnWXZmZnc9PSIsInZhbHVlIjoiQXM2bDVYNjlWUU0ySlJYUlRKSFFUVkFoN1VJN2FJUFc5N0V3MWhSdGhoVXl0dDRlUWVmNlVSNEM1M3FmMGpWc2xZbDYxUFlxa2N5STVTSEM3VkMxTE91ZzR2RkdZQUhqaldUTEFiNzVYVEJXMVpWd2RtVU9DTWVrd085RmtlTjEiLCJtYWMiOiIxNjBhNzY5NWE1MTU1YjQ3ZjMyZjZmODdjYTlhNjIxNmQ3YmEwNWY3YTUxNTdmODgzOGY4YWI2MzAxOTE3NDBjIn0%3D
.leafythings.com/ Name: _gat_gtag_UA_153651009_1
Value: 1
www.leafythings.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjgrZjJWaHhKTTU0STZsRVBHZzUzc2c9PSIsInZhbHVlIjoiNlRLUlFPK0p5QnRvSExrb0NyWXBNZjFiWllBd0NjaDJFM29UQVYwcndUdEx1V1RNUm05VFlqam1vazM5cDhBR1grVDMwN3dabCtNS2hoZlQzaGl6c2p0VmxubzBQM2ZZZCtWRU83QUFcL05RNDNwMnQ1S3RpeXk0TDRjMDhKYUtiIiwibWFjIjoiZDdiZjliN2M5NDA2MjcyM2VhNzEwOTM2OWQxZGU5MWYwZGQ3MmQwMDQ1ZDYwOGVjNjJhNGE0NjlkMzY3YTFlZiJ9
.leafythings.com/ Name: _gid
Value: GA1.2.1105265266.1617251655
.leafythings.com/ Name: _ga
Value: GA1.2.12745016.1617251655

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[fbpixel] 456830754970325 is unavailable. Go to Events Manager to learn more

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.tumblr.com
cbc-ca-news24.tumblr.com
connect.facebook.net
dz8osaahf9pd7.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
i.cbc.ca
static.tumblr.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.leafythings.com
184.25.114.180
192.0.77.40
2600:9000:21f3:3600:1b:ab56:eac0:21
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a03:2880:f006:21:face:b00c:0:3
52.60.153.228
74.114.154.18
0024445b4719a6d3bdc7b2a025eb02fc2a2a5fb92a4d3b1b19a0ecfd7808c125
01cad88d9f6f5a2859e20ef10e693ae43fcc09b20dc0dcc39aac8d7b2a6720a8
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
0d44204bbe591689e3e0226a948618e0e3224cc7f47d0a79916b5dc3a6a64963
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
1f868160455e4afc0e498acf99001497d39bc485ba2cb359483796ba0a83a7f0
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
31f8e263f3521b98cbe9788c2d01a5b1385844845bded036392be4947c490725
3e4134c9a95dad2228d15c9dc9179f5b121a5c3d736572b0a507883a699287c6
424cc02859880bd7645acf39a6285b89db0c4aba056614ffe52ad70ab49632c3
4521bfbf7dbf68ed30d7cafdc4801cc5c975d5580abb116aeb4bc10a8ce9371a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5b17c1013c7bef3f7649bb4717ae714605df8d2bbb02aee9cf8760026d5ec49c
5bfe39932d2fd1b3cb67ff75d7cb31370681ec5e3b569ba88667be107b2f0b59
5fcba79877c44371799f646c1e31a9ce54a1474cea06524ee50fcfb704149cf2
695122ebf0b1cfbecb240ef10bc494923127cd381ddcd3805a038bea0bff52a3
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72651cc2f523cfee728144c35e3b98acad4d8235ea5a4e7832839509ad29b0a6
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
7ae994006322dce2159402897b6ad80bf2d23d41bcc02ea7525a2b5966d320f7
9c94441f7144c585500c71f4a1487b4f0afdb080ae0563cdc5c953a2a4d6cc47
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0f8fd5b5573a67105432560b0a87c614d524ebd4dd692a51924831291268a2f
afcba8832a607ce3bf9d0d7fe0169f883543ef4b44a72d27329591b16cb4546c
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1c168733c62a93c81a834ed1d7f538e99c2e5e96278d975cdce64e8a2eb6bdb
b3bdcf7893569fcd8283032c2bba2528dd0be1e0eadaa6c43d8b90dfa9a4b80a
bdd975f48c37ec68165940f5d358e6c34ce326cb03f8767d5a5b12431e18acbd
c8a7d71935396f7d4e73146f7318d1567e1a6657e4df196f1702be190c841141
cdb40a6bf43fb2a4839ef9e53706a0fa1f72ea0b85200cb3487900fc2eb8d11f
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dd66790b560c209e8728695755cb004a2b9718ef3547f7503f78dbd993536d0b
de2e5b40fee871756364795172ebb15a9db29d19e65db92944c50367fbffe8d0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0905d49441dc565428e1360a92a0621330bb49745afa342921d017084a1c74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d5e80358f5a15b62b7e4418205d2e38efa5ffc5c3d5990c5a2878228014dff
eb896fc2ebd419ffd56371d1e861b60a9f4b43a9a8787a5ba177d15a85f68110
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
ee6300a908f77c88f3e02c183bf9565ad4b50f31885441a703111caf0f9ba9c6
f29da3e58cf64058ba08753f246d5135caa74ac8ae05f089ac1b2bc050ea84a2
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fbd77018cf0a600b6f88155c69c27c4527e20fb8dd10ddcf9f388e57084fcfe7
ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403