URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Submission: On December 06 via api from RU — Scanned from IL

Summary

This website contacted 18 IPs in 2 countries across 14 domains to perform 48 HTTP transactions. The main IP is 54.177.154.80, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is fareharbor.com. The Cisco Umbrella rank of the primary domain is 31086.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 26th 2024. Valid for: a year.
This is the only time fareharbor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 54.177.154.80 16509 (AMAZON-02)
4 18.245.62.137 16509 (AMAZON-02)
2 142.250.185.72 15169 (GOOGLE)
2 108.138.7.81 16509 (AMAZON-02)
1 45.60.76.55 19551 (INCAPSULA)
1 147.12.18.68 200596 (ADYEN Ady...)
1 172.217.18.110 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 216.58.206.35 15169 (GOOGLE)
1 172.217.18.10 15169 (GOOGLE)
2 151.101.64.176 54113 (FASTLY)
7 151.101.66.133 54113 (FASTLY)
2 216.58.206.46 15169 (GOOGLE)
1 74.125.133.155 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
1 52.202.105.7 ()
48 18
Apex Domain
Subdomains
Transfer
17 fareharbor.com
fareharbor.com — Cisco Umbrella Rank: 31086
420 KB
7 filestackcontent.com
cdn.filestackcontent.com — Cisco Umbrella Rank: 18617
650 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1073
202 KB
4 cloudfront.net
dipr2nuwo661l.cloudfront.net
2 MB
3 google.com
translate.google.com — Cisco Umbrella Rank: 1113
analytics.google.com — Cisco Umbrella Rank: 142
30 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
553 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
196 KB
1 honeycomb.io
api.honeycomb.io Failed
144 B
1 google.co.il
www.google.co.il — Cisco Umbrella Rank: 35336
408 B
1 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 912
74 KB
1 gstatic.com
www.gstatic.com
4 KB
1 sentry.io
o10963.ingest.sentry.io — Cisco Umbrella Rank: 46834
297 B
1 adyen.com
checkoutshopper-live.adyen.com — Cisco Umbrella Rank: 16622
100 KB
1 payconex.net
secure.payconex.net — Cisco Umbrella Rank: 104594
6 KB
48 14
Domain Requested by
17 fareharbor.com fareharbor.com
dipr2nuwo661l.cloudfront.net
7 cdn.filestackcontent.com fareharbor.com
4 js.stripe.com fareharbor.com
js.stripe.com
4 dipr2nuwo661l.cloudfront.net fareharbor.com
2 analytics.google.com dipr2nuwo661l.cloudfront.net
2 www.googletagmanager.com fareharbor.com
www.googletagmanager.com
1 api.honeycomb.io dipr2nuwo661l.cloudfront.net
1 www.google.co.il fareharbor.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 translate.googleapis.com
1 www.gstatic.com
1 o10963.ingest.sentry.io dipr2nuwo661l.cloudfront.net
1 translate.google.com fareharbor.com
1 checkoutshopper-live.adyen.com fareharbor.com
1 secure.payconex.net fareharbor.com
48 16

This site contains no links.

Subject Issuer Validity Valid
production.fareharbor.com
Amazon RSA 2048 M02
2024-03-26 -
2025-04-24
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-10-30 -
2025-02-06
3 months crt.sh
secure.payconex.net
Go Daddy Secure Certificate Authority - G2
2024-05-24 -
2025-06-25
a year crt.sh
*.adyen.com
GeoTrust TLS RSA CA G1
2024-01-11 -
2025-02-08
a year crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-03 -
2025-07-29
10 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.filestackcontent.com
R11
2024-10-28 -
2025-01-26
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.co.il
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.honeycomb.io
Amazon RSA 2048 M03
2024-01-30 -
2025-02-26
a year crt.sh

This page contains 4 frames:

Primary Page: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Frame ID: EE176B73D4C87697C1D9559F68D6404E
Requests: 45 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffareharbor.com&stripe_xdm_c=default272929&stripe_xdm_p=1
Frame ID: 1BAE9D782FF287D95B605923A79AAB99
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-CRSZ7X564R&gacid=965709383.1733465135&gtm=45je4c40v9124931455za200zb897214346&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1494126203
Frame ID: DBB435F62966586D215B3522800610B5
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: F9E57124053565E826E678FE9D7FECD7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Northern Lights Village Levi

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

48
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

18
IPs

2
Countries

3379 kB
Transfer

12438 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fareharbor.com/embeds/book/northernlightsvillagelevi/
2 MB
314 KB
Document
General
Full URL
https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee505d522f166226f13c8253ecf613910e66dff42da789cbda38d25610b2aa62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
en-us
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://secure.payconex.net https://cert.payconex.net dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.honeycomb.io https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 06:05:23 GMT
p3p
CP="This is not a P3P policy."
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-amzn-trace-id
Root=1-67529423-752b8bbc3f8605a74706399c
x-content-type-options
nosniff
x-fh-loadbalancer
production
x-xss-protection
1; mode=block
main-styles.dd7e0ef2755df448b014.css
dipr2nuwo661l.cloudfront.net/static/dist/
890 KB
181 KB
Stylesheet
General
Full URL
https://dipr2nuwo661l.cloudfront.net/static/dist/main-styles.dd7e0ef2755df448b014.css
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-137.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db8eb6b0097c8655c42981c14b7e89d13d093ef5dabf7a979b14e079b8565c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"29cede4f2604b9093677fe93c070daa8"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
Kj7mSigk34pv1RXkyLFtUS3UJDNtQf3xZtzEe5P04Zrv3m2p2nktew==
date
Fri, 06 Dec 2024 06:05:24 GMT
content-type
text/css
vary
Accept-Encoding
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Thu, 05 Dec 2024 18:15:52 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
fonts.eacdf4961de415ddab83.css
dipr2nuwo661l.cloudfront.net/static/dist/
2 KB
893 B
Stylesheet
General
Full URL
https://dipr2nuwo661l.cloudfront.net/static/dist/fonts.eacdf4961de415ddab83.css
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-137.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0200f0f25658abad4240de4f1e276a6a7b1df1b8ad2e9c2aa04baa23791f9e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"af300bcdcaca533588b19bee5fd3316d"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
6s62CQdkQ51kECIP4xv1yAiklfdpfHVJc5HbpgvTET78jXO6ILdccw==
date
Fri, 06 Dec 2024 06:05:24 GMT
content-type
text/css
vary
Accept-Encoding
x-amz-expiration
expiry-date="Fri, 21 Feb 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Fri, 22 Nov 2024 15:45:07 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
content-length
324
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
output.eb17a51b3842.js
dipr2nuwo661l.cloudfront.net/static/cache/js/
2 MB
516 KB
Script
General
Full URL
https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-137.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb17a51b3842b7721bce81c26643b7c79bb4d8cb48edcdedcaa51795753f60d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"8036491817de55b4e82cfeb9a3e39b81"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
H06VU7cZ4qYXKmB0kRzlzgUHV5Acf1AQaLLFOihcOX2OYdHjmIWRMQ==
date
Fri, 06 Dec 2024 06:05:24 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-expiration
expiry-date="Tue, 25 Feb 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Tue, 26 Nov 2024 19:53:06 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
271 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6WXE90X597
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
37a9cf601fafc69a6805ee2453569204c5ec8e6594fff1abde27b3550a7cbd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 06 Dec 2024 06:05:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:05:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97255
x-xss-protection
0
server
Google Tag Manager
honeycomb-sdk-bundle.js
fareharbor.com/static/dist/
200 KB
54 KB
Script
General
Full URL
https://fareharbor.com/static/dist/honeycomb-sdk-bundle.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
c46b88c5c5746d0f309891fbe133e297327f19f287ba30ef172bd506e797ce54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us

Response headers

content-encoding
gzip
etag
"5e92f12e664baa66d2df24f9a3b332f2"
x-content-type-options
nosniff
date
Fri, 06 Dec 2024 06:05:24 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 23:00:58 GMT
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
x-amz-id-2
V5nFPV3CciBJdDNHkZALbdwt0bpgNBC5wurmoVS+EEXSLFIso1n4XVPeu5nyd5tDVFgxd4DuMtU=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
x-amz-request-id
NPJ43MY9CFCTCXJZ
x-xss-protection
1; mode=block
server
AmazonS3
x-amz-server-side-encryption
AES256
djangojs.js
fareharbor.com/static/jstranslation/en-us/
3 KB
1 KB
Script
General
Full URL
https://fareharbor.com/static/jstranslation/en-us/djangojs.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
7be221b7585120acee6b00a4a704773850e9dcf9cf0f4f732e64b6647df0ded2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us

Response headers

content-encoding
gzip
etag
"442b313fe22223699efd3b4d3d975241"
x-content-type-options
nosniff
date
Fri, 06 Dec 2024 06:05:24 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 23:01:00 GMT
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
x-amz-id-2
igBIsp448EJk6UgIG0RLRh7jIx15ZR+QSBUYavLM8msb5LF/Ri5qNcCt3Favr3e4OtDVGx1Kqfo=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
x-amz-request-id
NPJFW7300ZFYA7KM
content-length
973
x-xss-protection
1; mode=block
server
AmazonS3
x-amz-server-side-encryption
AES256
/
js.stripe.com/v2/
62 KB
21 KB
Script
General
Full URL
https://js.stripe.com/v2/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-81.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1b09be9a7642c5fee2094c5c169b8bfd0ff0c325cc873771bc53973b5ef60a2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
W/"d4244ebaa59290b954774d48cb8cc6ef"
age
250
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
-W9COd-0mwInbfFZNFaQrJzz0cvjsEmJU3DhfZt7rrTD3a7Nu27gYQ==
date
Fri, 06 Dec 2024 06:05:25 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 16 Oct 2024 18:47:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
Cloudfront
/
js.stripe.com/v3/
692 KB
181 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-81.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d834f1d8d599d73d5d5a63edae9b409299ea5701308af351a509264ea9d51204
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
br
etag
W/"838f021032c36e3fe69bcb27bcf45501"
age
26
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
WmYPypoiQc9VLeCVkhCQLT2SeqrCbSNtVxg5X1GRbmxHo6iqa--SQQ==
date
Fri, 06 Dec 2024 06:04:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 05 Dec 2024 21:58:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
Cloudfront
iframe-lib-1.0.0.js
secure.payconex.net/iframe/
29 KB
6 KB
Script
General
Full URL
https://secure.payconex.net/iframe/iframe-lib-1.0.0.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.55 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b18cc555d4f4ee121a365208814327239667668d8700594b310d3c857fb6cddb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

x-iinfo
14-168872443-168872491 2CNN RT(1733465124452 335) q(0 0 0 1) r(0 0)
cache-control
max-age=681, public, must-revalidate
content-encoding
gzip
etag
"dc6b1c92"
x-cdn
Imperva
expires
Fri, 06 Dec 2024 06:16:45 GMT
content-length
5733
date
Fri, 06 Dec 2024 06:05:24 GMT
last-modified
Wed, 02 Oct 2024 19:45:55 GMT
content-type
application/javascript
adyen.js
checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.8.1/
402 KB
100 KB
Script
General
Full URL
https://checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.8.1/adyen.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.12.18.68 , Netherlands, ASN200596 (ADYEN Adyen N.V., NL),
Reverse DNS
930C1244.adyen.com
Software
/
Resource Hash
dffbfa6094b00631aa49667e25e7e7a17a113580f38d6d35e9f8ba87a8b972ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600
nel
{"report_to":"network-reports","max_age":86400,"include_subdomains":false,"success_fraction":0.0,"failure_fraction":1.0}
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"network-reports","max_age":86400,"endpoints":[{"url":"https://nel.cdn.adyen.com/upload-reports"}],"include_subdomains":false}
traceparent
00-e8967d2d0a149ec5fa2bc998d5964fa3-f876ca14d5a7d517-01
access-control-allow-origin
*
date
Fri, 06 Dec 2024 06:05:25 GMT
content-type
text/javascript;charset=UTF8
element.js
translate.google.com/translate_a/
87 KB
29 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
db0dd9bea99dc0decec377bfdd465da9bcf36774de3a2340c33df34ed0a654a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:05:25 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
output.f19a47454b27.js
dipr2nuwo661l.cloudfront.net/static/cache/js/
4 MB
999 KB
Script
General
Full URL
https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.f19a47454b27.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-137.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f19a47454b277319dedb77f7b7ce012bcfc4ca706faf10dbdfab375e5e1c5f59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"5f2867cb76fd35dc357a692ac613fb03"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
nKrjnoGAAeL2YVcIgvzQAeuHJImH9rVXDU1utNVCcMMQqEU_5H7i0w==
date
Fri, 06 Dec 2024 06:05:24 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Thu, 05 Dec 2024 19:59:04 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
/
o10963.ingest.sentry.io/api/5933789/envelope/
2 B
297 B
Fetch
General
Full URL
https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://fareharbor.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:05:29 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.6MwoAK7bmYU.R.W.O/am=DAY/d=0/rs=AN8SPfq59Ki7m0hcmxZpCyWU1IXW5nmHkw/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.6MwoAK7bmYU.R.W.O/am=DAY/d=0/rs=AN8SPfq59Ki7m0hcmxZpCyWU1IXW5nmHkw/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.iw.g4P33ffBAIY.O/am=DAY/d=1/rs=AN8SPfpEldxVoIqSrPPt0tuc0Wi8CTuEog/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
cab0cbd118de4f2881dbfb24c0c4a49d429cda90af998c3712103a18ad59f973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
age
410657
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Mon, 01 Dec 2025 12:01:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 12:01:14 GMT
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
4187
x-xss-protection
0
server
sffe
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.iw.g4P33ffBAIY.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqKeMp2617A_uxYmD0M3JOVa9wezg/
214 KB
74 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.iw.g4P33ffBAIY.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqKeMp2617A_uxYmD0M3JOVa9wezg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.iw.g4P33ffBAIY.O/am=DAY/d=1/rs=AN8SPfpEldxVoIqSrPPt0tuc0Wi8CTuEog/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
sffe /
Resource Hash
46d2ae7fd4d33542d7f44c4089a05e81b2dc935c135cf6c2c7fef178aed3bed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
age
35401
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 20:15:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 20:15:31 GMT
last-modified
Wed, 04 Dec 2024 06:14:51 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
75120
x-xss-protection
0
server
sffe
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/
19 KB
6 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
285b9656a21e8df80ba9451994b129425bca45fb9f89fe4763b805e5f4b6467f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-84657b5d6e7e6d6c2aab2febef4551c0-efbb1a8a340041e5-01
X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-7dc35972615478df124c5f31
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:33 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/flow-nodes/103426/
48 KB
6 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/flow-nodes/103426/?is_page=yes
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
57629a46f282927ac36246ff996646993808cb9045d60cecc544ceea91fdf2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-9f29fe6659e78004901935d1bd0e81fe-786b1644255334ea-01
X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-01f5a92e6f728ea65ca83db7
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:33 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
channel.html
js.stripe.com/v2/ Frame 1BAE
0
0
Document
General
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffareharbor.com&stripe_xdm_c=default272929&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fareharbor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
234
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
public, max-age=300
content-encoding
br
content-length
449
content-security-policy
report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src https://api.stripe.com; default-src 'self'; form-action 'none'; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-M1LJiJCn3XBCZ1erCVATqpCSJ5Yd9sUrS2npRlBZ6YE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 06:05:33 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
last-modified
Wed, 16 Oct 2024 18:47:24 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-content-type-options
nosniff
x-request-id
7db08fce-7f78-45b0-a090-c1f2e3d275b6
x-served-by
cache-fra-eddf8230084-FRA
/
fareharbor.com/api/v1/persistence/b6c8b07f-f8e8-4a8f-99ef-2a1d0260434e/northernlightsvillagelevi/analytics/
14 B
481 B
XHR
General
Full URL
https://fareharbor.com/api/v1/persistence/b6c8b07f-f8e8-4a8f-99ef-2a1d0260434e/northernlightsvillagelevi/analytics/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1c197daef20de3f47eec5e2f735ec6669869d3180cc29f35be4788511e0af0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-273a821be64919cea9bc5f0550483be1-4a4a79a5ed7c1a46-01
X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-6752942d-1324dacf6e9d24565cc4e5d4
x-content-type-options
nosniff
content-length
14
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:33 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/persistence/b6c8b07f-f8e8-4a8f-99ef-2a1d0260434e/northernlightsvillagelevi/cart/
14 B
481 B
XHR
General
Full URL
https://fareharbor.com/api/v1/persistence/b6c8b07f-f8e8-4a8f-99ef-2a1d0260434e/northernlightsvillagelevi/cart/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1c197daef20de3f47eec5e2f735ec6669869d3180cc29f35be4788511e0af0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-6382196d68e7cbf7c772dd04c0ed481e-2b431f783ea70961-01
X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/?flow=103426&language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-6752942d-5b8f79c169f07a52132482c8
x-content-type-options
nosniff
content-length
14
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:33 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
truncated
/
149 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f30784c147853c6e73ee5be29fcd96195f1824d3bd9fbf6080860eff6188adba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://fareharbor.com
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144851/pricing-overview/
7 KB
1 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144851/pricing-overview/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e7cb148885d816bced2f5fdfaae75086461a26047d876d33574edf6b27f58a09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
sentry-trace
170f1ba1eed3436aaeb6544727e73dbc-a3a0d9c36ee9a916-0
traceparent
00-894713d1ff978b0014fd99dbebe137a3-057f1c5aa41dfb65-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-3b271da00b7cf0496bac71c8
x-content-type-options
nosniff
content-length
1038
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144852/pricing-overview/
7 KB
1 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144852/pricing-overview/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
6ef99573ab1f234dd2f5cc13fe5ded9ecb1bda48d56885b1bb1218179e210c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
sentry-trace
170f1ba1eed3436aaeb6544727e73dbc-a5fc4e74b94b18a3-0
traceparent
00-bbb4133f8d254fe7a794dcd9a88b3484-97be4866cbe9c2ac-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-0f2b204b1282811e6cff3b3c
x-content-type-options
nosniff
content-length
1046
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144846/pricing-overview/
7 KB
1 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144846/pricing-overview/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca95580ab54dde0d4f5b14f4c45b8b53c1fed7a2a7d234e42f126ddcb3c9bf83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
sentry-trace
170f1ba1eed3436aaeb6544727e73dbc-a3f68ebb3a7cff88-0
traceparent
00-22ffd2243756cd64ea9fc747e1a4a849-49741dbbeea3a3a1-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-0db53704626c287b65498de2
x-content-type-options
nosniff
content-length
1042
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144843/pricing-overview/
5 KB
1 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144843/pricing-overview/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
d8dcda3647d674150f44310f60d20e7dd79672099d14e69269a48e33d118e141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
sentry-trace
170f1ba1eed3436aaeb6544727e73dbc-b9ebbfe8d144b7a9-0
traceparent
00-b9502bc860c24b735ab99ef6fdede0c8-6d24812cdbf6d7d6-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-5188a04a547fe5da132b433e
x-content-type-options
nosniff
content-length
940
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144847/pricing-overview/
7 KB
1 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/144847/pricing-overview/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
90699ada26e838fbecaf7dffb56b296356cc127bddc0c857c34608e1810f91c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
sentry-trace
170f1ba1eed3436aaeb6544727e73dbc-b2dda9974fd454f0-0
traceparent
00-4d3c88285a9a58b5d58a27572717c378-cf8073babf0aa521-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-7f2ae4e17f9e9e3832659bce
x-content-type-options
nosniff
content-length
1042
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/238697/pricing-overview/
7 KB
1 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/238697/pricing-overview/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
fdad99579536793d988889fa25110c958e96f24c45f36a978b7d3dc282a030e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
sentry-trace
170f1ba1eed3436aaeb6544727e73dbc-96cec52f70312972-0
traceparent
00-3adc42d0b8bd4dcac4f12194d0b988f0-2ec9983272aabde5-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-6752942d-5a22521f508a0bad21b39f3a
x-content-type-options
nosniff
content-length
1048
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
convert
cdn.filestackcontent.com/apYcSKf0SuuDveIk0F7G/
48 KB
48 KB
Image
General
Full URL
https://cdn.filestackcontent.com/apYcSKf0SuuDveIk0F7G/convert?cache=true&compress=true&quality=90&h=692&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d0857eb54479b58212641e8d1acfbc0f2af01b87535571da9e9cd23429b0c272

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"0209d0d897c86a264ffd2cc4204d9786"
age
1368542
access-control-allow-methods
GET, POST
filestack-trace-id
1729261474-ngoahBpATW
x-cache
HIT, HIT
date
Fri, 06 Dec 2024 06:05:34 GMT
x-file-name
raekallio.jpg
content-type
image/jpeg
content-disposition
inline; filename="raekallio.jpg"
x-served-by
cache-iad-kjyo7100134-IAD, cache-fra-eddf8230064-FRA
last-modified
Fri, 18 Oct 2024 14:24:35 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
6, 0
cache-control
public, max-age=31536000
x-timer
S1733465134.188785,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
49108
convert
cdn.filestackcontent.com/NvYcz8oSFKzRGFSLY1xw/
113 KB
114 KB
Image
General
Full URL
https://cdn.filestackcontent.com/NvYcz8oSFKzRGFSLY1xw/convert?cache=true&compress=true&quality=90&w=920&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0222e02af3bb1b481b762b953c0aa9c7f7c178f1ec853a666a5d35f829dc2b52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"a759065c1f98170adf5d269c5423a0af"
age
1994799
access-control-allow-methods
GET, POST
filestack-trace-id
1729261584-LVBTIk7IQX
x-cache
HIT, HIT
date
Fri, 06 Dec 2024 06:05:34 GMT
x-file-name
HT4A1059-X3.jpg
content-type
image/jpeg
content-disposition
inline; filename="HT4A1059-X3.jpg"
x-served-by
cache-iad-kcgs7200163-IAD, cache-fra-eddf8230064-FRA
last-modified
Fri, 18 Oct 2024 14:26:25 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
6, 0
cache-control
public, max-age=31536000
x-timer
S1733465134.188771,VS0,VE89
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
116173
convert
cdn.filestackcontent.com/IqD49HHRSKMzQ9BrW3dx/
179 KB
179 KB
Image
General
Full URL
https://cdn.filestackcontent.com/IqD49HHRSKMzQ9BrW3dx/convert?cache=true&compress=true&quality=90&w=920&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
11ed52e3c767f9e58e5aaf42e5be4109269fc8b9e6cad66d53a1ebd792561264

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"2fd09fbcbbc5a108d31719cc91bc3dbe"
age
1263674
access-control-allow-methods
GET, POST
filestack-trace-id
1729261551-qfEQE7ERB6
x-cache
HIT, HIT
date
Fri, 06 Dec 2024 06:05:34 GMT
x-file-name
6a358488-062a-43b1-a537-7067e69068cd.jpg
content-type
image/jpeg
content-disposition
inline; filename="6a358488-062a-43b1-a537-7067e69068cd.jpg"
x-served-by
cache-iad-kcgs7200154-IAD, cache-fra-eddf8230064-FRA
last-modified
Fri, 18 Oct 2024 14:25:52 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
6, 0
cache-control
public, max-age=31536000
x-timer
S1733465134.189031,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
183000
convert
cdn.filestackcontent.com/3zrZDZmzTz1gAUAXHrPQ/
64 KB
65 KB
Image
General
Full URL
https://cdn.filestackcontent.com/3zrZDZmzTz1gAUAXHrPQ/convert?cache=true&compress=true&quality=90&w=604&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5fc4a63d9ea6feebd23869477f4ee0eb58140af70defaaf44c005391ca257cf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"6cffde095563ed17c41cda316d2dff0d"
age
1368543
access-control-allow-methods
GET, POST
filestack-trace-id
1725613614-YPCubZDQNK
x-cache
HIT, HIT
date
Fri, 06 Dec 2024 06:05:34 GMT
x-file-name
IMG_2079-X3.jpg
content-type
image/jpeg
content-disposition
inline; filename="IMG_2079-X3.jpg"
x-served-by
cache-iad-kcgs7200124-IAD, cache-fra-eddf8230064-FRA
last-modified
Fri, 30 Aug 2024 13:22:44 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
14, 0
cache-control
public, max-age=31536000
x-timer
S1733465134.188525,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
65986
convert
cdn.filestackcontent.com/O6yOMLhSSMuXFliPGYiZ/
99 KB
99 KB
Image
General
Full URL
https://cdn.filestackcontent.com/O6yOMLhSSMuXFliPGYiZ/convert?cache=true&compress=true&quality=90&w=604&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
629651b269b3a91a431bcd460587ac231a290945bc9c62866fc67c42abbbec83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"fd8e7591e6eba50cbaf58fc630995405"
age
61773
access-control-allow-methods
GET, POST
filestack-trace-id
1724264971-BJYvtd6USL
x-cache
HIT, HIT
date
Fri, 06 Dec 2024 06:05:34 GMT
x-file-name
NLV-ruska-2020-29.jpg
content-type
image/jpeg
content-disposition
inline; filename="NLV-ruska-2020-29.jpg"
x-served-by
cache-iad-kjyo7100074-IAD, cache-fra-eddf8230064-FRA
last-modified
Wed, 21 Aug 2024 18:29:32 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
3, 0
cache-control
public, max-age=31536000
x-timer
S1733465134.188830,VS0,VE89
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
101203
convert
cdn.filestackcontent.com/ue8xpReKQuCxchD02Ox1/
65 KB
66 KB
Image
General
Full URL
https://cdn.filestackcontent.com/ue8xpReKQuCxchD02Ox1/convert?cache=true&compress=true&quality=90&w=604&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c983390b6128e60d0746aeed8419d6996a567ba410861edff9468dd60a81c5e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"0907d92bfbb50717b161d8aaee4eb2ac"
age
144064
access-control-allow-methods
GET, POST
filestack-trace-id
1729261487-jJ7T0gDRR7
x-cache
HIT, HIT
date
Fri, 06 Dec 2024 06:05:34 GMT
x-file-name
HT4A0050-X3.jpg
content-type
image/jpeg
content-disposition
inline; filename="HT4A0050-X3.jpg"
x-served-by
cache-iad-kiad7000074-IAD, cache-fra-eddf8230064-FRA
last-modified
Fri, 18 Oct 2024 14:24:48 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
13, 0
cache-control
public, max-age=31536000
x-timer
S1733465134.189036,VS0,VE88
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
66915
convert
cdn.filestackcontent.com/s7mTGBM0QVahDQiBIrNf/
78 KB
79 KB
Image
General
Full URL
https://cdn.filestackcontent.com/s7mTGBM0QVahDQiBIrNf/convert?cache=true&compress=true&quality=90&h=250&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9158f023b96a61687b1a024768bcd2acdc80c9f672050cf12eb577d7cd874ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"be0de8e6a9c5d9bbcb9849cff670fb40"
age
2562999
access-control-allow-methods
GET, POST
filestack-trace-id
1716970897-T3McS9SQpa
x-cache
HIT, HIT
date
Fri, 06 Dec 2024 06:05:34 GMT
x-file-name
Untitled-10.png
content-type
image/png
content-disposition
inline; filename="Untitled-10.png"
x-served-by
cache-iad-kjyo7100142-IAD, cache-fra-eddf8230064-FRA
last-modified
Sun, 05 May 2024 17:10:06 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
21, 0
cache-control
public, max-age=31536000
x-timer
S1733465134.302887,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
80271
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/a-services/
799 B
1 KB
XHR
General
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/a-services/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
f01f5d44634c07955b4cfc61af997c2ac97a5028340bfb1ea7d42fa0e12565f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
sentry-trace
170f1ba1eed3436aaeb6544727e73dbc-8c554cf238853025-0
traceparent
00-988de4351b4d8f8b88616db21ec4ebc9-0479246088dab0f9-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-6752942e-4b976523786ede7221ba7576
x-content-type-options
nosniff
content-length
799
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
313 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CRSZ7X564R&l=dataLayer&cx=c&gtm=45je4c40v897214346za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6WXE90X597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0c3d8555f64afa6222199b07a04dce2b345826ead7ad244209361a3dd50d0426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 06 Dec 2024 06:05:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:05:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102625
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/
0
553 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CRSZ7X564R&gtm=45je4c40v9124931455za200zb897214346&_p=1733465133987&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=965709383.1733465135&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1733465134&sct=1&seg=0&dl=https%3A%2F%2Ffareharbor.com%2Fembeds%2Fbook%2Fnorthernlightsvillagelevi%2Fitems%2F%3Fflow%3D103426%26language%3Den-us&dt=Northern%20Lights%20Village%20Levi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.company_shortname=northernlightsvillagelevi&tfd=12467
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fareharbor.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:05:35 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
553 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CRSZ7X564R&cid=965709383.1733465135&gtm=45je4c40v9124931455za200zb897214346&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CRSZ7X564R&l=dataLayer&cx=c&gtm=45je4c40v897214346za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fareharbor.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:05:35 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame DBB4
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-CRSZ7X564R&gacid=965709383.1733465135&gtm=45je4c40v9124931455za200zb897214346&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1494126203
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CRSZ7X564R&l=dataLayer&cx=c&gtm=45je4c40v897214346za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fareharbor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Dec 2024 06:05:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
fareharbor.com/csp-report/
2 B
2 KB
Other
General
Full URL
https://fareharbor.com/csp-report/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-6752942f-2f9f76f441e9c2473aebf05f
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://secure.payconex.net https://cert.payconex.net dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.honeycomb.io https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
x-content-type-options
nosniff
content-length
2
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:35 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
ga-audiences
www.google.co.il/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CRSZ7X564R&cid=965709383.1733465135&gtm=45je4c40v9124931455za200zb897214346&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=1164934420
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 06 Dec 2024 06:05:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
fareharbor.com/csp-report/
2 B
2 KB
Other
General
Full URL
https://fareharbor.com/csp-report/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-6752942f-3daf714141deb4af510d319e
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://secure.payconex.net https://cert.payconex.net dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.honeycomb.io https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
x-content-type-options
nosniff
content-length
2
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:05:35 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame F9E5
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fareharbor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1824144
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 06:05:35 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 14 Nov 2024 21:08:55 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
161090
x-content-type-options
nosniff
x-request-id
7cda0e72-cb59-4e89-8708-c32d9094b21e
x-served-by
cache-lon4253-LON
favicon.ico
fareharbor.com/
36 KB
23 KB
Other
General
Full URL
https://fareharbor.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
015e845b1eb061a34ff29f962aee72b56848d94e14e78633f7f23f0e3e4ab36e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us

Response headers

x-amz-id-2
EllDntNj8LKhBXgGcDgyo2owCBvELeqrTg4QBX23uHky2XkphVT2+T0VnxH1Kh4Ch/mWM6kKLKg=
strict-transport-security
max-age=31536000
x-amz-server-side-encryption
AES256
x-fh-loadbalancer
production
content-encoding
gzip
etag
"55cfe98f37179622fc2d327c4a80d85f"
x-content-type-options
nosniff
x-amz-request-id
TX24BTR42DR6TZTH
date
Fri, 06 Dec 2024 06:05:36 GMT
x-xss-protection
1; mode=block
content-type
image/vnd.microsoft.icon
last-modified
Thu, 05 Dec 2024 23:00:57 GMT
server
AmazonS3
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
vary
Accept-Encoding
traces
api.honeycomb.io/v1/
0
0

traces
api.honeycomb.io/v1/ Frame
0
0

collect
analytics.google.com/g/
0
57 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CRSZ7X564R&gtm=45je4c40v9124931455za200zb897214346&_p=1733465133987&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=965709383.1733465135&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1733465134&sct=1&seg=0&dl=https%3A%2F%2Ffareharbor.com%2Fembeds%2Fbook%2Fnorthernlightsvillagelevi%2Fitems%2F%3Fflow%3D103426%26language%3Den-us&dt=Northern%20Lights%20Village%20Levi&en=view_item_grid&_ee=1&ep.company_shortname=northernlightsvillagelevi&epn.flow_node_id=103426&_et=84&tfd=17604
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fareharbor.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:05:40 GMT
content-type
text/plain
server
Golfe2
traces
api.honeycomb.io/v1/
2 B
144 B
XHR
General
Full URL
https://api.honeycomb.io/v1/traces
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.105.7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://fareharbor.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
x-honeycomb-team
hcaik_01ja89093fesh5p0qrdqk7k7vt6d4d8j9sj6tmv27327c75hqrtsb133cz
Content-Type
application/json

Response headers

request-id
8c5b14610fa29d31e9fc482896edd59c
access-control-allow-origin
*
content-length
2
date
Fri, 06 Dec 2024 06:05:45 GMT
content-type
application/json
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.honeycomb.io
URL
https://api.honeycomb.io/v1/traces
Domain
api.honeycomb.io
URL
https://api.honeycomb.io/v1/traces

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| event object| envFeatureFlags object| envVars object| $$loadTime object| slipstream function| applyFocusVisiblePolyfill object| Sentry object| webpackChunkfareharbor_com function| clearImmediate function| setImmediate function| _ function| jQuery function| $ function| moment function| ldmlnum object| angular object| jQuery11240863970391323726 object| __SENTRY__ function| _ga4Setup object| google_tag_manager object| google_tag_data object| dataLayer function| _mixpanelSetup object| __sentry_instrumentation_handlers__ object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format function| djangoJsInterpolate function| T function| cT function| nT function| ncT function| Stripe object| webpackChunkStripeJSouter function| noop function| BluefinException function| isJSON function| PaymentiFrame string| _a$checkoutShopperUrl string| _a$hppUrl function| AdyenCheckout function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| $$console string| FH_VERSION function| configure object| $$cache object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| intlTelInputGlobals object| intlTelInputUtils object| $$auth object| $$navigation object| $$location object| fhLabsExperiments object| fhLabsData function| $$overrideFhLabsExperiment function| $$overrideFhLabsData object| FH object| $$cart object| $$injector function| $$digest function| $$scope boolean| __VUE__ object| $$queueToken object| analyticsContext boolean| shouldNotStartInternalTrackers function| _gTag object| gaGlobal

11 Cookies

Domain/Path Name / Value
fareharbor.com/ Name: fh-sticking-routing
Value: 870a5ab95339fc85
fareharbor.com/ Name: csrftoken
Value: BjijhL7qGBob0BegvC2EMq26QfL2qc3NAnpMmjJJKEJA6Hc7Zen6k9OOubgfLotA
fareharbor.com/ Name: fh-target-language
Value: en-us
fareharbor.com/ Name: fh-units-language
Value: en-us
fareharbor.com/ Name: fh-content-language
Value: en-us
.fareharbor.com/ Name: _ga
Value: GA1.1.965709383.1733465135
.fareharbor.com/ Name: _ga_CRSZ7X564R
Value: GS1.1.1733465134.1.0.1733465135.59.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
m.stripe.com/ Name: m
Value: 9c0d2f77-612d-4f6d-873c-af0d84918e22c5edc9
.fareharbor.com/ Name: __stripe_mid
Value: e2901c39-3570-4f74-a434-bb076e83e7fc7a88fd
.fareharbor.com/ Name: __stripe_sid
Value: a7b955f5-8466-40ab-8d12-9d305c06ea30821f73

3 Console Messages

Source Level URL
Text
security error URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/items/?flow=103426&language=en-us
Message:
[Report Only] Refused to load the image 'https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CRSZ7X564R&cid=965709383.1733465135&gtm=45je4c40v9124931455za200zb897214346&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=1164934420' because it violates the following Content Security Policy directive: "img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com".
security error URL: https://www.googletagmanager.com/
Message:
[Report Only] Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com".
security error URL: https://www.googletagmanager.com/
Message:
[Report Only] Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.honeycomb.io
cdn.filestackcontent.com
checkoutshopper-live.adyen.com
dipr2nuwo661l.cloudfront.net
fareharbor.com
js.stripe.com
o10963.ingest.sentry.io
secure.payconex.net
stats.g.doubleclick.net
td.doubleclick.net
translate.google.com
translate.googleapis.com
www.google.co.il
www.googletagmanager.com
www.gstatic.com
api.honeycomb.io
108.138.7.81
142.250.185.194
142.250.185.195
142.250.185.72
147.12.18.68
151.101.64.176
151.101.66.133
172.217.18.10
172.217.18.110
18.245.62.137
216.58.206.35
216.58.206.46
34.120.195.249
45.60.76.55
52.202.105.7
54.177.154.80
74.125.133.155
015e845b1eb061a34ff29f962aee72b56848d94e14e78633f7f23f0e3e4ab36e
0222e02af3bb1b481b762b953c0aa9c7f7c178f1ec853a666a5d35f829dc2b52
0c3d8555f64afa6222199b07a04dce2b345826ead7ad244209361a3dd50d0426
11ed52e3c767f9e58e5aaf42e5be4109269fc8b9e6cad66d53a1ebd792561264
1c197daef20de3f47eec5e2f735ec6669869d3180cc29f35be4788511e0af0f8
285b9656a21e8df80ba9451994b129425bca45fb9f89fe4763b805e5f4b6467f
37a9cf601fafc69a6805ee2453569204c5ec8e6594fff1abde27b3550a7cbd96
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46d2ae7fd4d33542d7f44c4089a05e81b2dc935c135cf6c2c7fef178aed3bed1
57629a46f282927ac36246ff996646993808cb9045d60cecc544ceea91fdf2b3
5fc4a63d9ea6feebd23869477f4ee0eb58140af70defaaf44c005391ca257cf3
629651b269b3a91a431bcd460587ac231a290945bc9c62866fc67c42abbbec83
6ef99573ab1f234dd2f5cc13fe5ded9ecb1bda48d56885b1bb1218179e210c91
7be221b7585120acee6b00a4a704773850e9dcf9cf0f4f732e64b6647df0ded2
90699ada26e838fbecaf7dffb56b296356cc127bddc0c857c34608e1810f91c7
a1b09be9a7642c5fee2094c5c169b8bfd0ff0c325cc873771bc53973b5ef60a2
b18cc555d4f4ee121a365208814327239667668d8700594b310d3c857fb6cddb
c0200f0f25658abad4240de4f1e276a6a7b1df1b8ad2e9c2aa04baa23791f9e2
c46b88c5c5746d0f309891fbe133e297327f19f287ba30ef172bd506e797ce54
c983390b6128e60d0746aeed8419d6996a567ba410861edff9468dd60a81c5e3
ca95580ab54dde0d4f5b14f4c45b8b53c1fed7a2a7d234e42f126ddcb3c9bf83
cab0cbd118de4f2881dbfb24c0c4a49d429cda90af998c3712103a18ad59f973
d0857eb54479b58212641e8d1acfbc0f2af01b87535571da9e9cd23429b0c272
d834f1d8d599d73d5d5a63edae9b409299ea5701308af351a509264ea9d51204
d8dcda3647d674150f44310f60d20e7dd79672099d14e69269a48e33d118e141
db0dd9bea99dc0decec377bfdd465da9bcf36774de3a2340c33df34ed0a654a0
db8eb6b0097c8655c42981c14b7e89d13d093ef5dabf7a979b14e079b8565c33
dffbfa6094b00631aa49667e25e7e7a17a113580f38d6d35e9f8ba87a8b972ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cb148885d816bced2f5fdfaae75086461a26047d876d33574edf6b27f58a09
eb17a51b3842b7721bce81c26643b7c79bb4d8cb48edcdedcaa51795753f60d2
ee505d522f166226f13c8253ecf613910e66dff42da789cbda38d25610b2aa62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01f5d44634c07955b4cfc61af997c2ac97a5028340bfb1ea7d42fa0e12565f2
f19a47454b277319dedb77f7b7ce012bcfc4ca706faf10dbdfab375e5e1c5f59
f30784c147853c6e73ee5be29fcd96195f1824d3bd9fbf6080860eff6188adba
f9158f023b96a61687b1a024768bcd2acdc80c9f672050cf12eb577d7cd874ed
fdad99579536793d988889fa25110c958e96f24c45f36a978b7d3dc282a030e4