portalbernitoyrun.ca Open in urlscan Pro
192.190.84.139  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response portalbernitoyrun.ca/	259 KB 187 KB	515ms 182ms	Document text/html	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 39d50825f4b896ad88096ec73aa33e00596c7d3bd339e6a305a6cb4fdcc048c7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control public, max-age=0 content-encoding gzip content-language en content-type text/html; charset=utf-8 date Mon, 30 Dec 2024 06:49:15 GMT etag "1735539263-1" expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Mon, 30 Dec 2024 06:14:23 GMT link </port-alberni-toy-run>; rel="canonical",</node/26>; rel="shortlink" server Apache vary Cookie,Accept-Encoding x-content-type-options nosniff x-drupal-cache HIT x-frame-options SAMEORIGIN x-generator Drupal 7 (http://drupal.org)
GET H2	200	css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css portalbernitoyrun.ca/sites/default/files/css/	7 KB 2 KB	213ms 210ms	Stylesheet text/css	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control max-age=1209600 content-encoding gzip x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 2217 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Fri, 29 Nov 2024 22:43:50 GMT vary Accept-encoding server Apache content-type text/css
GET H2	200	css_8I8tOCPjIVP6mfeMJ_e9IPVH1CnLb6wMloNuja55pnc.css portalbernitoyrun.ca/sites/default/files/css/	9 KB 2 KB	214ms 212ms	Stylesheet text/css	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/sites/default/files/css/css_8I8tOCPjIVP6mfeMJ_e9IPVH1CnLb6wMloNuja55pnc.css Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash f08f2d3823e32153fa99f78c27f7bd20f547d429cb6fac0c96836e8dae79a677 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control max-age=1209600 content-encoding gzip x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 2326 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Fri, 29 Nov 2024 22:43:50 GMT vary Accept-encoding server Apache content-type text/css
GET H2	200	css_PGbJgHCUCBf4dg7K9Kt8aAwsApndP4GZ9RuToPy3-Fk.css portalbernitoyrun.ca/sites/default/files/css/	494 B 284 B	213ms 211ms	Stylesheet text/css	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/sites/default/files/css/css_PGbJgHCUCBf4dg7K9Kt8aAwsApndP4GZ9RuToPy3-Fk.css Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 3c66c98070940817f8760ecaf4ab7c680c2c0299dd3f8199f51b93a0fcb7f859 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control max-age=1209600 content-encoding gzip x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 250 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Fri, 29 Nov 2024 22:43:50 GMT vary Accept-encoding server Apache content-type text/css
GET H2	200	css fonts.googleapis.com/	5 KB 978 B	112ms 46ms	Stylesheet text/css	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic&snqhqx Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 84cec934d4750c61cbeb30615146c8345ed4099bc4494f310364558a6d42345f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 30 Dec 2024 06:49:16 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Dec 2024 06:49:16 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Mon, 30 Dec 2024 04:59:35 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css portalbernitoyrun.ca/sites/default/files/css/	45 KB 10 KB	213ms 211ms	Stylesheet text/css	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/sites/default/files/css/css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 78c2818bf23293a4d5e648dd9cc6d442374acc653f7271a1e031344978188f45 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control max-age=1209600 content-encoding gzip x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 10181 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Fri, 29 Nov 2024 22:43:50 GMT vary Accept-encoding server Apache content-type text/css
GET H2	200	js_s5koNMBdK4BqfHyHNPWCXIL2zD0jFcPyejDZsryApj0.js Show response portalbernitoyrun.ca/sites/default/files/js/	130 KB 44 KB	211ms 209ms	Script text/javascript	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/sites/default/files/js/js_s5koNMBdK4BqfHyHNPWCXIL2zD0jFcPyejDZsryApj0.js Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash b3992834c05d2b806a7c7c8734f5825c82f6cc3d2315c3f27a30d9b2bc80a63d Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control max-age=1209600 content-encoding gzip x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 45449 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Fri, 29 Nov 2024 22:43:50 GMT vary Accept-encoding server Apache content-type text/javascript
GET H2	200	js_bsmG4uu1FTmyBu_b3r9ssNK_V7BZHv56N6RPp5s80hE.js Show response portalbernitoyrun.ca/sites/default/files/js/	29 KB 9 KB	211ms 210ms	Script text/javascript	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/sites/default/files/js/js_bsmG4uu1FTmyBu_b3r9ssNK_V7BZHv56N6RPp5s80hE.js Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 6ec986e2ebb51539b206efdbdebf6cb0d2bf57b0591efe7a37a44fa79b3cd211 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control max-age=1209600 content-encoding gzip x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 9463 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Fri, 29 Nov 2024 22:43:50 GMT vary Accept-encoding server Apache content-type text/javascript
GET H2	200	port-alberni-toy-run-2024--large.png portalbernitoyrun.ca/sites/default/files/	147 KB 147 KB	170ms 168ms	Image image/png	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://portalbernitoyrun.ca/sites/default/files/port-alberni-toy-run-2024--large.png Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 7ec9b69fc99e5da74c8614c9eda7bec343db2518ff5799475488ba3fadab6916 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control max-age=1209600 x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 150499 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Mon, 22 Apr 2024 15:35:49 GMT content-type image/png server Apache
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	106ms 33ms	Script text/javascript	2607:f8b0:4004:c17::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers content-encoding gzip age 3950 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Mon, 30 Dec 2024 07:43:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Dec 2024 05:43:26 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	64ms 30ms	Script application/x-javascript	157.240.229.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-iad3.fbcdn.net Software / Resource Hash 194091d6b6a59844b1e355f53c6bd3c57c6a1b55205306ea6d4a5923a95b8738 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers content-md5 uj/bl8xnh5tuxK1rqMbqGQ== access-control-expose-headers X-FB-Content-MD5 content-encoding gzip etag "f064093e7447b75dff25c32d5cc1878d" report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Mon, 30 Dec 2024 07:03:49 GMT alt-svc h3=":443"; ma=86400 date Mon, 30 Dec 2024 06:49:16 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-content-md5 dbcd338e0eff24ab9989517b47e531c1 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4528, tp=9, tpl=0, uplat=0, ullat=-1 x-fb-debug oJiJQy7DhJ8TgSuXvMb4tLUv+5fvgm1avuYs3Jnm8R8j8PbkahJQvdyqxABHoLn8mLWz//BGCeoH1aw2ToPcow== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top access-control-allow-origin * content-length 1688 origin-agent-cluster ?1
GET H2	200	QnUeO8k0nAs www.youtube.com/embed/ Frame 8567	0 0	186ms 123ms	Document text/html	2607:f8b0:4004:c19::be GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/QnUeO8k0nAs?wmode=opaque&controls=0&autoplay=1&loop=1&playlist=QnUeO8k0nAs Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::be Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://portalbernitoyrun.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-security-policy require-trusted-types-for 'script';report-uri /cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Mon, 30 Dec 2024 06:49:16 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated /	188 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d4618a977016574878b21ad084c8b793e433b44255af241f3abe9e56c6e779a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jpeg
GET H2	200	bg-body8.jpg portalbernitoyrun.ca/sites/all/themes/blogger_theme/images/	138 KB 138 KB	79ms 79ms	Image image/jpeg	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://portalbernitoyrun.ca/sites/all/themes/blogger_theme/images/bg-body8.jpg Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/sites/default/files/css/css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 8386cbb1602a1df59d2818446deb93c291776a29658b1fabd499d07f96568f2b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/sites/default/files/css/css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css Response headers cache-control max-age=1209600 x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 141408 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Wed, 03 Jun 2015 17:14:00 GMT content-type image/jpeg server Apache
GET H2	200	gradient-70.png portalbernitoyrun.ca/sites/all/themes/blogger_theme/images/	137 B 193 B	86ms 86ms	Image image/png	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://portalbernitoyrun.ca/sites/all/themes/blogger_theme/images/gradient-70.png Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/sites/default/files/css/css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 15142f09610a44ff6ff148618dfd2ca58d12a2612677297c28f34ab4cba90f54 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/sites/default/files/css/css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css Response headers cache-control max-age=1209600 x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 137 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Fri, 15 May 2015 23:06:15 GMT content-type image/png server Apache
GET H2	200	quote.png portalbernitoyrun.ca/sites/all/themes/blogger_theme/images/	237 B 293 B	78ms 77ms	Image image/png	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://portalbernitoyrun.ca/sites/all/themes/blogger_theme/images/quote.png Requested by Host: portalbernitoyrun.ca URL: https://portalbernitoyrun.ca/sites/default/files/css/css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 99a2e04fee64d1811ce09a78a8da10be6ad5e73ff9d29abe98bd9a4d28e720a7 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/sites/default/files/css/css_eMKBi_Iyk6TV5kjdnMbUQjdKzGU_cnGh4DE0SXgYj0U.css Response headers cache-control max-age=1209600 x-content-type-options nosniff expires Mon, 13 Jan 2025 06:49:16 GMT accept-ranges bytes content-length 237 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Wed, 03 Jun 2015 03:27:37 GMT content-type image/png server Apache
GET H3	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	76ms 37ms	Font font/woff2	142.251.179.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic&snqhqx Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f94.1e100.net Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://portalbernitoyrun.ca Referer https://fonts.googleapis.com/ Response headers age 224332 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 27 Dec 2025 16:30:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 27 Dec 2024 16:30:24 GMT last-modified Tue, 02 May 2023 15:17:22 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 23580 x-xss-protection 0 server sffe
GET H3	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	73ms 34ms	Font font/woff2	142.251.179.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic&snqhqx Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f94.1e100.net Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://portalbernitoyrun.ca Referer https://fonts.googleapis.com/ Response headers age 213186 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 27 Dec 2025 19:36:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 27 Dec 2024 19:36:10 GMT last-modified Tue, 02 May 2023 15:07:25 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 23040 x-xss-protection 0 server sffe
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	249 KB 74 KB	33ms 31ms	Script application/x-javascript	157.240.229.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=b59f5889b594a47c8c3ca8c14b397559 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-iad3.fbcdn.net Software / Resource Hash d28b47415bc12ebdab3bd7afd13dc2cc61883c7e5558718e5589f834c2d16034 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://portalbernitoyrun.ca Referer https://portalbernitoyrun.ca/ Response headers content-md5 j6DoPg2OlOxlXQTNcwJQ1w== access-control-expose-headers X-FB-Content-MD5 content-encoding gzip etag "e4e96ea311b9436226ce1a2d8e5da0c0" report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Tue, 30 Dec 2025 06:23:25 GMT alt-svc h3=":443"; ma=86400 date Mon, 30 Dec 2024 06:49:16 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-content-md5 13d7e9baa22a670fe3021dd7280fbb10 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1888, tp=5, tpl=0, uplat=0, ullat=-1 x-fb-debug RKz9tpMBCWbYUfICsyGrv80eeqEJYPBjlF5sR4SO1uqFstGvdNRMG8xnIWyNRYFWLAlXxjdEw2xIkeWHzV9kCA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top access-control-allow-origin * content-length 75183 origin-agent-cluster ?1
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 437 B	41ms 39ms	XHR text/plain	2607:f8b0:4004:c17::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1636604770&t=pageview&_s=1&dl=https%3A%2F%2Fportalbernitoyrun.ca%2F&ul=en-ca&de=UTF-8&dt=The%20Port%20Alberni%20Toy%20Run%20%7C%20Port%20Alberni%20Toy%20Run&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1886348061&gjid=102486832&cid=1260883326.1735541356&tid=UA-916062-23&_gid=468019269.1735541356&_r=1&_slc=1&z=1922312838 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 7e3aa506a8208b9d6f3e22c8229b3a4150ba73c71f8ab8acae0e540337c2a231 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://portalbernitoyrun.ca/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Dec 2024 06:49:16 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://portalbernitoyrun.ca cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 15 server Golfe2
GET H2	200	js Show response www.googletagmanager.com/gtag/	278 KB 99 KB	121ms 58ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JW46KLY4FM&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5feda2661199e7a32f565eb7b234c5180c1e3992727d54725f1e158428241c70 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 30 Dec 2024 06:49:16 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Dec 2024 06:49:16 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 100256 x-xss-protection 0 server Google Tag Manager
POST H3	204	collect www.google-analytics.com/g/	0 0	39ms 39ms	Fetch text/plain	142.251.16.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-JW46KLY4FM&gtm=45je4cc1v9110474409za200&_p=1735541356410&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=en-ca&sr=1600x1200&cid=1260883326.1735541356&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fportalbernitoyrun.ca%2F&dt=The%20Port%20Alberni%20Toy%20Run%20%7C%20Port%20Alberni%20Toy%20Run&sid=1735541356&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1220 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JW46KLY4FM&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.138 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f138.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://portalbernitoyrun.ca cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Dec 2024 06:49:16 GMT content-type text/plain server Golfe2
GET H3	200	page.php www.facebook.com/v2.3/plugins/ Frame A749	0 0	538ms 498ms	Document text/html	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v2.3/plugins/page.php?app_id=145732565489473&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa88f53bc564725c6%26domain%3Dportalbernitoyrun.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fportalbernitoyrun.ca%252Ff0b3993bded58117c%26relation%3Dparent.parent&container_width=333&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FPort-Alberni-Toy-Run%2F236995882679&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&width=330 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=b59f5889b594a47c8c3ca8c14b397559 Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://portalbernitoyrun.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding zstd content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none;report-to="coop_report" cross-origin-resource-policy cross-origin date Mon, 30 Dec 2024 06:49:17 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v16.0 origin-agent-cluster ?1 permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" pragma no-cache priority u=0,i report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7454093369280982366"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7454093369280982366", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-connection-quality EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4528, tp=9, tpl=0, uplat=468, ullat=0 x-fb-debug hc9W/X1fYHVPJuUSvOZ5wKomSr8SvSjbU9ckGbfqjbv3fKxQHVpDQ677tgL/cd+GB//jriRkONWeDaNIx/KunA== x-xss-protection 0
GET H2	404	favicon.ico portalbernitoyrun.ca/	294 B 324 B	287ms 287ms	Other text/html	192.190.84.139 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://portalbernitoyrun.ca/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.190.84.139 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS host.albernihosting.net Software Apache / Resource Hash 2c0ad761da41b0e97a2083ec303bc640d169610006a98a35b595b09e0e281499 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://portalbernitoyrun.ca/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, must-revalidate content-encoding gzip x-content-type-options nosniff expires Sun, 19 Nov 1978 05:00:00 GMT date Mon, 30 Dec 2024 06:49:18 GMT content-language en vary Accept-Encoding server Apache x-drupal-cache MISS x-frame-options SAMEORIGIN

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| Drupal function| jQuery object| jQuery110208115876693872679 function| Retina function| RetinaImagePath function| RetinaImage string| GoogleAnalyticsObject function| ga object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __buffer object| dataLayer object| google_tag_manager

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.portalbernitoyrun.ca/	1970-01-21 11:41:41	Name: _ga Value: GA1.2.1260883326.1735541356
			.portalbernitoyrun.ca/	1970-01-21 02:07:07	Name: _gid Value: GA1.2.468019269.1735541356
			.portalbernitoyrun.ca/	1970-01-21 02:05:41	Name: _gat Value: 1
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1jEmj8iPGLc
			.youtube.com/	1970-01-21 06:24:53	Name: VISITOR_INFO1_LIVE Value: THrxJW6nAiE
			.youtube.com/	1970-01-21 06:24:53	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgOg%3D%3D
			.portalbernitoyrun.ca/	1970-01-21 11:41:41	Name: _ga_JW46KLY4FM Value: GS1.2.1735541356.1.0.1735541356.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://portalbernitoyrun.ca/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
portalbernitoyrun.ca
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
142.251.16.138
142.251.179.94
157.240.229.1
192.190.84.139
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::61
2607:f8b0:4004:c17::71
2607:f8b0:4004:c19::be
31.13.66.35
15142f09610a44ff6ff148618dfd2ca58d12a2612677297c28f34ab4cba90f54
194091d6b6a59844b1e355f53c6bd3c57c6a1b55205306ea6d4a5923a95b8738
2c0ad761da41b0e97a2083ec303bc640d169610006a98a35b595b09e0e281499
39d50825f4b896ad88096ec73aa33e00596c7d3bd339e6a305a6cb4fdcc048c7
3c66c98070940817f8760ecaf4ab7c680c2c0299dd3f8199f51b93a0fcb7f859
5feda2661199e7a32f565eb7b234c5180c1e3992727d54725f1e158428241c70
6ec986e2ebb51539b206efdbdebf6cb0d2bf57b0591efe7a37a44fa79b3cd211
78c2818bf23293a4d5e648dd9cc6d442374acc653f7271a1e031344978188f45
7e3aa506a8208b9d6f3e22c8229b3a4150ba73c71f8ab8acae0e540337c2a231
7ec9b69fc99e5da74c8614c9eda7bec343db2518ff5799475488ba3fadab6916
8386cbb1602a1df59d2818446deb93c291776a29658b1fabd499d07f96568f2b
84cec934d4750c61cbeb30615146c8345ed4099bc4494f310364558a6d42345f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99a2e04fee64d1811ce09a78a8da10be6ad5e73ff9d29abe98bd9a4d28e720a7
b3992834c05d2b806a7c7c8734f5825c82f6cc3d2315c3f27a30d9b2bc80a63d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
d28b47415bc12ebdab3bd7afd13dc2cc61883c7e5558718e5589f834c2d16034
d4618a977016574878b21ad084c8b793e433b44255af241f3abe9e56c6e779a0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f08f2d3823e32153fa99f78c27f7bd20f547d429cb6fac0c96836e8dae79a677