finishedwarmth.club Open in urlscan Pro
2606:4700:3037::6815:537f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://europeanschoolofesthetics.ca/
Effective URL:
https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
Submission: On July 04 via api (July 4th 2024, 8:42:36 am UTC) from US — Scanned from CA

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 21 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3037::6815:537f, located in United States and belongs to CLOUDFLARENET, US. The main domain is finishedwarmth.club. The Cisco Umbrella rank of the primary domain is 485155.
TLS certificate: Issued by GTS CA 1P5 on May 14th 2024. Valid for: 3 months.

This is the only time finishedwarmth.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3032::ac43:9c04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
2	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
18	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2607:f8b0:400... 2607:f8b0:400d:c00::5e	15169 (GOOGLE) (GOOGLE)
2	3.230.124.203 3.230.124.203	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6814:1247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	172.240.253.132 172.240.253.132	7979 (SERVERS-COM) (SERVERS-COM)
1	149.56.240.132 149.56.240.132	16276 (OVH) (OVH)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::6815:333a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::6815:537f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:5b18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.133.44.9 45.133.44.9	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	108.138.85.14 108.138.85.14	16509 (AMAZON-02) (AMAZON-02)
1	3.21.82.98 3.21.82.98	16509 (AMAZON-02) (AMAZON-02)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:7e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:84bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
84	19

25 2606:4700:3032::ac43:9c04 (United States)

ASN13335 (CLOUDFLARENET, US)

europeanschoolofesthetics.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

noisesperusemotel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i3.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c00::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.124.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-124-203.compute-1.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:1247 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.240.253.132 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

mariadock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
poundswarden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.132 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534300.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:333a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pro.redaffil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:537f (United States)

ASN13335 (CLOUDFLARENET, US)

finishedwarmth.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5b18 (United States)

ASN13335 (CLOUDFLARENET, US)

recordedthereby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.9 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.cloudimagesb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.85.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-14.iad12.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.21.82.98 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-82-98.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:84bf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	europeanschoolofesthetics.ca europeanschoolofesthetics.ca	303 KB
18	wp.com i0.wp.com — Cisco Umbrella Rank: 4434 i3.wp.com — Cisco Umbrella Rank: 43763 i1.wp.com — Cisco Umbrella Rank: 8947	63 KB
4	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 36629 t.ocmhood.com — Cisco Umbrella Rank: 11138	14 KB
4	mariadock.com mariadock.com	38 KB
4	gstatic.com fonts.gstatic.com	79 KB
2	finishedwarmth.club finishedwarmth.club — Cisco Umbrella Rank: 485155	21 KB
2	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 11861 t.dtscout.com — Cisco Umbrella Rank: 10068 Failed	4 KB
2	poundswarden.com 1 redirects poundswarden.com	5 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 10359 s4.histats.com — Cisco Umbrella Rank: 10281	5 KB
2	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 13530	617 B
2	noisesperusemotel.com noisesperusemotel.com — Cisco Umbrella Rank: 549198	23 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	ocmtag.com cdn.ocmtag.com — Cisco Umbrella Rank: 39885	816 B
1	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 18754 ic.tynt.com Failed	6 KB
1	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 15558 t.sharethis.com Failed	3 KB
1	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5269 onetag-geo.s-onetag.com Failed	8 KB
1	cloudimagesb.com cdn.cloudimagesb.com — Cisco Umbrella Rank: 19853	64 KB
1	recordedthereby.com recordedthereby.com — Cisco Umbrella Rank: 12918	28 KB
1	redaffil.com 1 redirects pro.redaffil.com — Cisco Umbrella Rank: 425354	539 B
0	capaciousdrewreligion.com Failed capaciousdrewreligion.com Failed
0	absenceoverload.com Failed absenceoverload.com Failed
84	21

	Domain	Requested by
25	europeanschoolofesthetics.ca	europeanschoolofesthetics.ca
8	i0.wp.com	europeanschoolofesthetics.ca
6	i3.wp.com	europeanschoolofesthetics.ca
4	mariadock.com	noisesperusemotel.com
4	fonts.gstatic.com	fonts.googleapis.com
4	i1.wp.com	europeanschoolofesthetics.ca
3	t.ocmhood.com	sdk.ocmhood.com
2	finishedwarmth.club	europeanschoolofesthetics.ca finishedwarmth.club
2	poundswarden.com	1 redirects europeanschoolofesthetics.ca
2	proftrafficcounter.com	noisesperusemotel.com
2	noisesperusemotel.com	europeanschoolofesthetics.ca
2	fonts.googleapis.com	europeanschoolofesthetics.ca
1	cdn.ocmtag.com	sdk.ocmhood.com
1	sdk.ocmhood.com	finishedwarmth.club
1	cdn.tynt.com	e.dtscout.com
1	pd.sharethis.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	t.dtscout.com	e.dtscout.com
1	cdn.cloudimagesb.com
1	recordedthereby.com	mariadock.com
1	pro.redaffil.com	1 redirects
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	europeanschoolofesthetics.ca
0	t.sharethis.com Failed	pd.sharethis.com
0	onetag-geo.s-onetag.com Failed	get.s-onetag.com
0	ic.tynt.com Failed
0	capaciousdrewreligion.com Failed	mariadock.com
0	absenceoverload.com Failed
84	29

This site contains no links.

Subject Issuer	Validity	Valid
europeanschoolofesthetics.ca WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
noisesperusemotel.com R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
s10.histats.com E5	`2024-06-09` - `2024-09-07`	3 months	crt.sh
mariadock.com R11	`2024-07-01` - `2024-09-29`	3 months	crt.sh
histats.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
finishedwarmth.club GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
recordedthereby.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
cdn.cloudimagesb.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-20`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
ocmhood.com E6	`2024-06-29` - `2024-09-27`	3 months	crt.sh
ocmtag.com Cloudflare Inc ECC CA-3	`2023-12-25` - `2024-12-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
Frame ID: 17C9520E9886D162B2EC5257EA1DBD26
Requests: 85 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01720082551E3C3768A6001113205
Frame ID: DA603871EFF693694A0729609A031553
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Allow

Page URL History Show full URLs

https://europeanschoolofesthetics.ca/ Page URL
https://pro.redaffil.com/phxUjW/?utm_source=3576&utm_campaign=16691144&clck=3d6039a6d43cc1aacb09c77ed... HTTP 302
https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

84
Requests

87 %
HTTPS

53 %
IPv6

21
Domains

29
Subdomains

19
IPs

2
Countries

663 kB
Transfer

1320 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://europeanschoolofesthetics.ca/ Page URL
https://pro.redaffil.com/phxUjW/?utm_source=3576&utm_campaign=16691144&clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139 HTTP 302
https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://poundswarden.com/watch.663942221091.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22european%22%2C%22school%22%2C%22of%22%2C%22fest%22%2C%22%E2%80%93%22%2C%22school%22%2C%22news%22%2C%22update%22%2C%222024%22%5D&refer=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&tz=-7&dev=r&res=14.31&uuid=42f38d7b-e6f0-44f4-b447-69d3efa84c3b%3A2%3A1 HTTP 307
https://poundswarden.com/watch.663942221091.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22european%22%2C%22school%22%2C%22of%22%2C%22fest%22%2C%22%E2%80%93%22%2C%22school%22%2C%22news%22%2C%22update%22%2C%222024%22%5D&pst=1720082611&refer=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&res=14.31&rmtc=t&shu=b3f48f6171d8a7fd64ff08742623669c41cef07362f7cf5165451db1e24cf6cbcc71e75c23133a5b15fb9f5338590385c290b8030e8106ec633fbf55f292a735125115ac8a23b1784b470c753f61ff645514aadcd0042faa03cd09843f40&tz=-7&uuid=42f38d7b-e6f0-44f4-b447-69d3efa84c3b%3A2%3A1

84 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
europeanschoolofesthetics.ca/ 41 KB
10 KB 2422ms
1738ms Document
text/html 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c79f77e165fc4fe718db72fbb1d5469db58792268362ffd4003f299ee24dcc

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89ddd26b2a3f39fb-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 08:42:28 GMT
link: <https://europeanschoolofesthetics.ca/wp-json/>; rel="https://api.w.org/" <https://europeanschoolofesthetics.ca/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json" <https://europeanschoolofesthetics.ca/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3SBV9yLKcmnGoIzSnLToCj%2BfzRW29wv%2BYwcHLF%2F0VPpFWNNDMt5VoA8NgTOymsJWp%2B2r45ZoDGG9Nq1pljgDuKLXcBS6IOR%2F%2Fo%2FJQYbROaDVzYW%2FEO27Go7YRVMNXj89TeTIeX45eMeJ8DLsVBgBOX8Is2PIMFiuyFDA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 990_HTTP.200,990_front,990_URL.6666cd76f96956469e7be39d750cc7d9,990_F,990_Po.10,990_PGS,990_

GET
H3 200 style.min.css
europeanschoolofesthetics.ca/wp-includes/css/dist/block-library/ 111 KB
15 KB 536ms
534ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 May 2024 15:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1bae5-665895db-6965d2d;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gRj8llPq7wYXerbVwiHCJGRjhf5pqfHk45UGfh7%2BnBUjyXERtyIZUscvQEMR9TerXbCgcBtJGGwdtmr4cJ7TT5h8b54wkQqD2QqBDA49SWSbshQbukQjmkGEwJfFMmYuK5ih3D8o6gHUJqFa5Gt%2ByWn7feXkPfcM8xkV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f2439fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 wpp.css
europeanschoolofesthetics.ca/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
1 KB 445ms
441ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Mar 2024 14:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"688-65ef1906-6966bf2;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOzClLVvSxhUyRqFoCCyBO0DB%2B5NdBSwe%2FY6o0hXq55TTDp851BUXlyatgwLaZSnvn7ZoGTvKxzT9yoee%2FLoa7XAWshLiOdJEOCSoPbmSaMK5HnHeVKyyBWpTo4x2d%2BcplRnZzmrbfz4dmDP5QrRQb36WCDyqVBEd1RO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f2939fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
720 B 572ms
194ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C700%7CPoppins%3A300%2C400%2C400i%2C500%2C700&subset=latin%2Clatin-ext

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eff968d342d78b6a27e9270a9423e0caaa75b084382d95c3c806de467d7a9482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 08:34:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 08:42:28 GMT

GET
H3 200 boxicons.min.css
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/box-icons/css/ 68 KB
12 KB 537ms
534ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/box-icons/css/boxicons.min.css?ver=2.1.4
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7dfb4b3f8dcdd33057d97aca67e1aadfc3cb2f4155bf76bce2851773b31500

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10e35-667ad677-6a008e2;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCkMgK2ScE6yCqE2nrZHaPg%2B6O%2BFMQi5gaEiARgdyln48cVaOEXfDHjsqUXn3Jqn3AENOe71MchLrrvirlPKmAkWetHmgX0r2MRjXDr3ua0dygaWdh6%2FwZsRqIifcG2X3%2B8ifWvCVOoPd68heJfi6IocbaY0XXspFQWU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f2a39fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 lightslider.min.css
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/lightslider/css/ 5 KB
2 KB 448ms
445ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/lightslider/css/lightslider.min.css?ver=6.5.5
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aff974bd95503affabc47bfa7da677108ec1c1ea0f54b4065814b355897c400

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"159e-667ad677-6a00929;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaLbdC5tVHa3GzSw8VLYZvDHpIracWKxrPmNcYz8lmxrQAf5FpwJRCK%2Bvna2Nuv2ZEytapdv9Lac7coxXG84vYQ1a6bvegGjgvEJBhXqgcjTmEW%2B9k41gXU5eUOsme3YCeButUtZQxqSpqtGecoclE1vvsOuHyzBUEfK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f2b39fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 mt-preloader.min.css
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/css/min/ 5 KB
2 KB 537ms
535ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/css/min/mt-preloader.min.css?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c895bb44a1ae7bdee7db37806e0bc61449fcfef31fa80a1dd55e02a23c3d54a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1577-667ad677-6a0084b;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NkETo5dR3QlrJmNrDkEYptJQ5ry4ZD46zUjtoTGyk%2B0Qls0dCe3Ln17DlZF45n0VOoZJ1IzGhzFDGXjsgWd%2F36zYRybOaCPAJlxdtcQsuW62TlpYjC8pHot%2BGrrfRp2TjhUcAegJ31x27tW8na1ceGIPyHa6ri%2BYKkQS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f2c39fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 521ms
144ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo%3A400%2C400i%2C%2C500%2C600%2C700&subset=latin%2Clatin-ext

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3210e1769d1dee8c52b604cfd5062637af41e84757c39e7b0d34c6961a5a953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 08:42:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 08:42:28 GMT

GET
H3 200 style.css
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/ 60 KB
13 KB 454ms
452ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/style.css?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65974d5ef3f8f8982fc478eaa4b0ab39f79132f8202b2cb7ea4b9a5c0b3c8c42

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ee81-667ad677-6a00a85;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8J8UDkje52wH2rw3JuablcKi%2FrmYSKe1XrLsc449fekoQI6nOVsKNPyiSejiL5s4QcfkOXz5lDEvW9roMElxYAJm45j%2BbUu3v3r0c9ePY7wB0hnNK6MFSDNrWDuwny0b6dSL9oWsjO9hxCyDTHeoC5WFvOJOuwf8CaxN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f2d39fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 mt-responsive.css
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/css/ 12 KB
3 KB 442ms
440ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/css/mt-responsive.css?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e144301a9cc1342f995655e81f029b6af07a1fe976c8802202fa87004f9f4ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3015-667ad677-6a00867;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTKLRkkTyfUKd3HEW%2BNQP35OJ2hg8Cq6rGPzRe9ZKW0qm3%2Fu1raoGcV1nOpy7ehjjnlFBOcl9529JIY%2FWB614AxvfxZoPUry7d16eRcRhMaQDGCE82ztVxrl67IDqcwhB9oHihxpZwbxQ0mmGdihQIyKv%2BWcVGErWgsO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f2f39fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 style.css
europeanschoolofesthetics.ca/wp-content/themes/color-newspaper/ 3 KB
2 KB 444ms
442ms Stylesheet
text/css 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-newspaper/style.css?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8d25922476c7f97358dc3825d861349a6080ef104b3c4d558c65bc9ee3b2c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 17:02:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b37-6654bc8f-6966575;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ce7Qax38Db%2Bq5hrhJZUTXduCaSOvlE2AhZwJlRP7MhATDQCo1zQVFbOmhWHp4G2YQUDfDIqJwFBoXzva1obIYrfCXzfvH1bsmNSO4UznywTUZSWh%2BRhSCZ4hFDdAmLJLmCicEZv3NeknbmwlFyhdqeKG69H%2Bn8ntlcyj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 89ddd2761f3039fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 jquery.min.js Show response
europeanschoolofesthetics.ca/wp-includes/js/jquery/ 86 KB
31 KB 626ms
625ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 May 2024 15:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-665895db-6965682;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYyjsHMSSQogURoxYBgl1Efgf8PRc8CSSf84ig0zAbaGnY6IyFyKGA7j%2BOLo23lubx8ykwIB%2FV6MgNz5PsoCZDYLTwjzHgE9Fec1GA8Q0EKxi1N6vdhUPuKzyhpvdUy%2BH9NvUS9gl7%2FUZvuTufWA85cCZtM4yJIYTlMP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd2761f3139fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 jquery-migrate.min.js Show response
europeanschoolofesthetics.ca/wp-includes/js/jquery/ 13 KB
5 KB 720ms
718ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 May 2024 15:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-665895db-69656dc;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eru%2FFe2ffKQ3FgFZ6mFVFirnYUJquYTuKrSIYSR4L1Y3LWibw0vDTZTIm9YozLYytNCn2U4TG9WFF69F0g1bAsq%2B6snwM1%2B4%2Fx1YTmcquwd39mw26wZwCvKxIjhdld1TWu%2F%2BXva6eGmGsw1z82a1OwbXzxmDClD5dAKy"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd2761f3239fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H3 200 wpp.min.js Show response
europeanschoolofesthetics.ca/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 452ms
450ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Mar 2024 14:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11d3-65ef1906-6966bc9;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cLICetAYzXGoIGNRu9aTpeWCivQYjdHOPSAue2ULP37Ke1y4HepC%2BrDEpUk4vo5mfBDU2EPrqYzOQHqjBnf%2FhXqxFb4epfE55qE9tfpxjAEvHiiHjgRhwYMwluGp3HA%2FYgdPtf5GAaQnTZCqdEFuwH7Ycz7%2FM0YpB3Y"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd2761f3339fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:28 GMT

GET
H/1.1 200
OK invoke.js Show response
noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/ 26 KB
10 KB 1180ms
119ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

8a978e53aa8e093954baa8119e7a83c2c3f7804fbc2e6ab3a60b0a92212651b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 08:42:30 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 5fb1ccdf1f938645eb537638ad662a96
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 durant-club.png
i0.wp.com/www.opencourt-basketball.com/wp-content/uploads/2024/06/ 26 KB
27 KB 2188ms
1850ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.opencourt-basketball.com/wp-content/uploads/2024/06/durant-club.png?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a14ebdc0b896eadf1c237fda97fe9a2db82b1d08a5ac48f9a487ffaa6535c36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 26760
x-nc: MISS yyz 4
last-modified: Thu, 04 Jul 2024 08:42:30 GMT
server: nginx
etag: "0c5edc46cc5de9da"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.opencourt-basketball.com/wp-content/uploads/2024/06/durant-club.png>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:30 GMT

GET
H2 200 36728281_web1_240704-FOF-Green-thumb-KEY_1.jpg
i0.wp.com/www.forksforum.com/wp-content/uploads/2024/07/ 4 KB
4 KB 882ms
544ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.forksforum.com/wp-content/uploads/2024/07/36728281_web1_240704-FOF-Green-thumb-KEY_1.jpg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7215cd27128004863d52e67755d36ea3a8317bc9b818d860f67866e8f25023ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3954
x-nc: MISS yyz 4
last-modified: Thu, 04 Jul 2024 08:42:28 GMT
server: nginx
etag: "28c3068417a8fe4b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.forksforum.com/wp-content/uploads/2024/07/36728281_web1_240704-FOF-Green-thumb-KEY_1.jpg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:28 GMT

GET
H2 200 tagreuters.com2023binary_LYNXMPEJ3O0V2-BASEIMAGE.jpg
i3.wp.com/www.shorenewsnetwork.com/wp-content/uploads/Reuters_Direct_Media/USOnlineReportDomesticNews/ 2 KB
2 KB 142ms
109ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/www.shorenewsnetwork.com/wp-content/uploads/Reuters_Direct_Media/USOnlineReportDomesticNews/tagreuters.com2023binary_LYNXMPEJ3O0V2-BASEIMAGE.jpg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b1012842202ba2c9bffb8d18d4b612352b0d807512dd379c313f1448f24947c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1962
x-nc: MISS yyz 2
last-modified: Thu, 20 Jun 2024 22:36:46 GMT
server: nginx
etag: "70d739c12650821a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.shorenewsnetwork.com/wp-content/uploads/Reuters_Direct_Media/USOnlineReportDomesticNews/tagreuters.com2023binary_LYNXMPEJ3O0V2-BASEIMAGE.jpg>; rel="canonical"
expires: Sun, 21 Jun 2026 10:36:46 GMT

GET
H2 200 74174835007-bens-store-closing-2.JPG
i1.wp.com/www.gannett-cdn.com/authoring/authoring-images/2024/06/21/PDEM/ 8 KB
9 KB 363ms
355ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.gannett-cdn.com/authoring/authoring-images/2024/06/21/PDEM/74174835007-bens-store-closing-2.JPG?auto=webp&crop=3455,1944,x0,y345&format=pjpg&width=1200&w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3273b42ec1461385656f90e4b21e7197602f4bf6a4915dc2e46f64f2fdc29b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
x-bytes-saved: 516
alt-svc: h3=":443"; ma=86400
content-length: 8445
x-nc: MISS yyz 1
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "e02a82543af8924d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.gannett-cdn.com/authoring/authoring-images/2024/06/21/PDEM/74174835007-bens-store-closing-2.JPG>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H2 200 7bb619a71962d9fe267d903e57bff1d4
i1.wp.com/media.zenfs.com/en/the_independent_577/ 4 KB
4 KB 218ms
210ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/media.zenfs.com/en/the_independent_577/7bb619a71962d9fe267d903e57bff1d4?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

aa83ceb03e5568ba0a0379d214f746e01fae32533b389e42d0199456dcc4e2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
x-bytes-saved: 132
alt-svc: h3=":443"; ma=86400
content-length: 3958
x-nc: MISS yyz 3
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "63163d6c4a10085e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://media.zenfs.com/en/the_independent_577/7bb619a71962d9fe267d903e57bff1d4>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H2 200 Unknown-16.jpeg
i0.wp.com/www.uww.edu/images/mmr/news/2024/07Jul/ 4 KB
5 KB 623ms
620ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.uww.edu/images/mmr/news/2024/07Jul/Unknown-16.jpeg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0b2ca1d588b2e79c5a2c8a3cb42e01a40bfd3f8b2a5634e3cc0a74741d620ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4356
x-nc: MISS yyz 2
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "490a9bafeab8f2be"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.uww.edu/images/mmr/news/2024/07Jul/Unknown-16.jpeg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H2 400 resize
i3.wp.com/images.ladbible.com/ 87 B
87 B 313ms
285ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.wp.com/images.ladbible.com/resize?type=webp&quality=70&width=1200&fit=contain&gravity=auto&url=https://images.ladbiblegroup.com/v3/assets/blt949ea8e16e463049/blt17f0cd74303be90f/6686560c9232e21ac32fac75/netflix-film-most-disturbing-yet.png&w=150&resize=150,150&ssl=1
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i0.wp.com
Software: nginx /
Resource Hash: 3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: EXPIRED yyz 4
date: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
alt-svc: h3=":443"; ma=86400
content-type: text/html; charset=utf-8

GET
H2 200 00noncompete-hqcz-facebookJumbo.jpg
i0.wp.com/adherents.com/wp-content/uploads/2024/07/ 3 KB
4 KB 140ms
137ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/adherents.com/wp-content/uploads/2024/07/00noncompete-hqcz-facebookJumbo.jpg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4ed8f562586c812a72b02c5295582360a3947f5cfe276a9fe1e3c8a35069c692

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3406
x-nc: MISS yyz 2
last-modified: Thu, 04 Jul 2024 08:42:28 GMT
server: nginx
etag: "d8527e97c98f9cef"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://adherents.com/wp-content/uploads/2024/07/00noncompete-hqcz-facebookJumbo.jpg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:28 GMT

GET
H2 200 15020111_grocery-store-file-img.jpg
i3.wp.com/cdn.abcotvs.com/dip/images/ 8 KB
8 KB 331ms
304ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/cdn.abcotvs.com/dip/images/15020111_grocery-store-file-img.jpg?w=1600&w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

497920432082d9ba542b756f92e3ea31e633315f321f948131282e1a094fba87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7686
x-nc: MISS yyz 2
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "1552dcb06199ca77"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://cdn.abcotvs.com/dip/images/15020111_grocery-store-file-img.jpg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H3 200 mt-combine-scripts.js Show response
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/ 63 KB
19 KB 552ms
548ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/mt-combine-scripts.js?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65b5e078d3c0601eda82a3a29ed8dc9d127346c7ffffb42d2f812d2438753b0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fa4d-667ad677-6a008c8;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1ZFj8Ke5jouHzPLxNcrxxTv2dvymBmGePW1BX2gbyPo0h2FA%2Fwa2hQcPY51ldqDukMFww%2B3yEuxq03Z6bNNweykCxFAF2G%2BfERcGHR8rjJcYB%2Fv7rZo5gygdvniCCCN2eqDUAwv2jhjjOrSfQcPfs0XX0lT7oKnCDRc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd27ab93f39fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:29 GMT

GET
H3 200 navigation.js Show response
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/ 2 KB
1 KB 439ms
434ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/navigation.js?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb685a6ab7b7b23117937542fd1f73f9bd946e9ceb98834e2f9e3bdd94e1dd39

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8ec-667ad677-6a008d6;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWk5YVqFPEj7nYkSxHwaL%2B7WDXPbfUzEOzMPPxy8IycQCPtI7GqopS1XmLXYWRyTi2cwNZJrFIOljWzWhGKE%2F8n2sehZ5DVyu3T46k5unvVBNVrg0HUn2sSHVDnqdJq01q6GpokNZ1h%2FJ%2FrzKhOtKhLV%2F8TXS92vAz0i"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd27ab94039fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:29 GMT

GET
H3 200 skip-link-focus-fix.js Show response
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/ 684 B
905 B 436ms
433ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/skip-link-focus-fix.js?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f8d252a34db20e41b9f3fcf51c022ad2f0876bd47be65caba671bb8bad7ccc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2ac-667ad677-6a008d8;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zzy1JTq%2F2b35KOkZuMd7QRlt0xJUxn%2FKsidkqR7SbmcR88OfUkO66P%2BET6Zy50aQtdoLBiwfAnzpt1T02uo4jPXCjmBJXcNydNPEb75hSvCEUi%2FVmQpe4pGQfjDh9dldi16SswG7qjpzO%2FMDIQiN%2BuaFaUtZRZ5SviUO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd27ab94139fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:29 GMT

GET
H3 200 mt-custom-scripts.min.js Show response
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/min/ 4 KB
2 KB 439ms
436ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/js/min/mt-custom-scripts.min.js?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3863c3d532eb1e7e51237e88666e1b78f8ca7118997107416ba360ba3d6a2024

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e10-667ad677-6a008bc;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1hDG3SqAvJQSQBT72f7bjSbzT98cXQmg95GxK%2BspZ7aL4MRrcO20sitCwUGGHl6XTJcK3mCzScxR%2Ff79csogCbx8%2BjyH7dddXJYaWv7ZtYGrqmH7fcsZwxTTZ%2BQ2BOb2AYLRgpET1jGs%2FgEjnIfkgT8p3caOuflhb4F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd27ab94339fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:29 GMT

GET
H3 200 theia-sticky-sidebar.min.js Show response
europeanschoolofesthetics.ca/wp-content/themes/color-newspaper/assets/library/sticky-sidebar/ 5 KB
2 KB 437ms
434ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-newspaper/assets/library/sticky-sidebar/theia-sticky-sidebar.min.js?ver=1.7.0
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9054bc2c86a74a33e48d3b82fa5ba9e18a03401a46bf0ffffde465b657401c72

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 17:02:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1535-6654bc8f-696657b;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElJ9izkOHGuaWHNqpqZumYxYwhPFZMEcwx%2FFsZX2LOBkZaVPUvsftd8mvwfzsrpQ40OqIJsBlBqOTcT60VuvD4qNfgw9d9VdqSs%2FT2rEptzls%2BXggiASagmTK1nRJhzXvRQblwa1UJsICP%2BvNJNxt%2F%2FaVwgnb14dstm5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd27ab94439fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:29 GMT

GET
H3 200 custom-scripts.js Show response
europeanschoolofesthetics.ca/wp-content/themes/color-newspaper/assets/js/ 329 B
728 B 437ms
435ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-newspaper/assets/js/custom-scripts.js?ver=1.0.2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf1fa55b44ba63ab78a2fdfcb46550a4efce9c4870a7f2d2d15256cb0b3e134

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 17:02:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"149-6654bc8f-6966578;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLX7omXVbAhXEwY2Vgm%2Bm57oNjH2K27mBxyK0wvpNwWhPxEJO94cCJ5VktsCyUwdbY6rbTBUl6ThSZnyGcCdJJlZY5GCH2gMCexeQPHIlA4LiS49n0Hd83gqd%2B090G6JHniAoNuGDPupaMLXHV8uBRcw1XnI5GEL1Fr7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd27ab94539fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:29 GMT

GET
BLOB 200
OK 82304759-c6c9-494a-b233-4d349bbcb101
https://europeanschoolofesthetics.ca/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://europeanschoolofesthetics.ca/82304759-c6c9-494a-b233-4d349bbcb101
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H/1.1 200
OK invoke.js Show response
noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/ 31 KB
12 KB 1156ms
109ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

8102305470c08e15e52ef92bcb8da00580ff3eb59d2c44406153d30a0e0bc829

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 08:42:29 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 4f6c1e61dfe2e4d9108be3d37fc5fa53
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 578ms
149ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C700%7CPoppins%3A300%2C400%2C400i%2C500%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://europeanschoolofesthetics.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 10:02:37 GMT
x-content-type-options: nosniff
age: 167992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 10:02:37 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
309 B 563ms
165ms XHR
text/html 3.230.124.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.124.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-124-203.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: 75011796d84b3e083d0b102535b105e11297a66b6797c137f6706996424aa9b9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://europeanschoolofesthetics.ca
date: Thu, 04 Jul 2024 08:42:30 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 485ms
102ms Script
text/javascript 2606:4700:10::6814:1247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 48360
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 89ddd28468c5ab54-YYZ
content-length: 4547

GET
H3 200 boxicons.woff2
europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/box-icons/fonts/ 113 KB
114 KB 718ms
716ms Font
font/woff2 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/box-icons/fonts/boxicons.woff2
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/box-icons/css/boxicons.min.css?ver=2.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b87cbc74f3ffaf08314a5d81b501be6fc36f553dbe446ef5a4b29f0138ba0b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/wp-content/themes/color-magazine/assets/library/box-icons/css/boxicons.min.css?ver=2.1.4
Origin: https://europeanschoolofesthetics.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:30 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 14:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1c3e0-667ad677-6a00906;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHoL8T2Lj0HYlFIOafMcTKJjCRw6VkrPHWNy4i4ezS5gP02JCeVphOPD8TKFXkJL5G%2F1Ub3U7F3U81%2FvNblIjF6gVoi%2FUwF2rYHvWzBjeRtJp5vljxJuy1n5DsQj6nCdvnwSNrCnR7A%2FgbGa9U76d18K8lbMNYwi1ues"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 89ddd2822ca039fb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 115680
expires: Thu, 04 Jul 2024 20:42:30 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 120ms
118ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C700%7CPoppins%3A300%2C400%2C400i%2C500%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://europeanschoolofesthetics.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:21:11 GMT
x-content-type-options: nosniff
age: 148879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:21:11 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v32/ 28 KB
28 KB 151ms
150ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C700%7CPoppins%3A300%2C400%2C400i%2C500%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://europeanschoolofesthetics.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:22:53 GMT
x-content-type-options: nosniff
age: 148777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28600
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:22:53 GMT

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
35 KB 178ms
177ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo%3A400%2C400i%2C%2C500%2C600%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://europeanschoolofesthetics.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 10:11:06 GMT
x-content-type-options: nosniff
age: 167484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 10:11:06 GMT

GET
H3 200 wp-emoji-release.min.js Show response
europeanschoolofesthetics.ca/wp-includes/js/ 18 KB
5 KB 438ms
438ms Script
text/javascript 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://europeanschoolofesthetics.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 May 2024 15:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4926-665895db-69654c5;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5bQqA%2BrTTl9h8elEpdHuIHL8bJanR7DmEgHZIKpk4zWinH5p1sJGDeE6fVpbAVnSP3SC9vr61k7VAYj1O1zaizy8bdk5BV3xHyyccl6XkaGWR2dZSPNmuZvKstEJQZdUcrrW65mTTGfEafeqYCyCtPit52Hkf7v2W6D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=43200
cf-ray: 89ddd2823ca239fb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 20:42:30 GMT

POST
H3 200 widget
europeanschoolofesthetics.ca/wp-json/wordpress-popular-posts/v2/ 5 KB
2 KB 1626ms
1626ms XHR
application/json 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://europeanschoolofesthetics.ca/wp-json/wordpress-popular-posts/v2/widget?is_single=0

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://europeanschoolofesthetics.ca/
X-Requested-With: XMLHttpRequest
X-WP-Nonce: e9f8b0c63a
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control: no-cache
x-litespeed-tag: 990_HTTP.200
alt-svc: h3=":443"; ma=86400
content-length: 775
server: cloudflare
allow: POST
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://europeanschoolofesthetics.ca
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYQ5J32%2B12DGuhjYtoGJW9YgfUV%2FWzXRcVa1jxC8fLLRnEzBK4QKRYtK9Ts6ljoFAx2JHXvbt99lsBsEuxXO8Ogyb4vnyeIe4aQLDNgDOpDHOmISk0YQ3molBSf7yQGYmLLuj5BVCcMFcFt5hSf1bdoGzul1PX50xjQr"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-robots-tag: noindex
x-wp-nonce: e9f8b0c63a
link: <https://europeanschoolofesthetics.ca/wp-json/>; rel="https://api.w.org/"
cf-ray: 89ddd2823ca439fb-YYZ
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
308 B 629ms
95ms XHR
text/html 3.230.124.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.124.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-124-203.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: cc1f348aca3447094ded24afee736d21571081e90a695a4967b9254177766b5e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://europeanschoolofesthetics.ca
date: Thu, 04 Jul 2024 08:42:30 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ntv.json
mariadock.com/ 4 KB
6 KB 1789ms
447ms XHR
application/json 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mariadock.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1

Requested by

Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 08:42:31 GMT
Custom-Referer: https://europeanschoolofesthetics.ca
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: application/json
Access-Control-Allow-Origin: https://europeanschoolofesthetics.ca
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4440
X-Request-ID: 15127e3c03d7230cae7458ca62174185
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK de40747527625eb4f2cfd573cb92ac16.js
mariadock.com/de/40/74/ 82 KB
31 KB 1715ms
374ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mariadock.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js

Requested by

Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 08:42:31 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 6a469bce41d751f301f9d227032a5235
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 durant-club.png
i0.wp.com/www.opencourt-basketball.com/wp-content/uploads/2024/06/ 26 KB
0 223ms
223ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.opencourt-basketball.com/wp-content/uploads/2024/06/durant-club.png?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a14ebdc0b896eadf1c237fda97fe9a2db82b1d08a5ac48f9a487ffaa6535c36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 26760
x-nc: MISS yyz 4
last-modified: Thu, 04 Jul 2024 08:42:30 GMT
server: nginx
etag: "0c5edc46cc5de9da"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.opencourt-basketball.com/wp-content/uploads/2024/06/durant-club.png>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:30 GMT

GET
H2 200 36728281_web1_240704-FOF-Green-thumb-KEY_1.jpg
i0.wp.com/www.forksforum.com/wp-content/uploads/2024/07/ 4 KB
0 0ms
0ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.forksforum.com/wp-content/uploads/2024/07/36728281_web1_240704-FOF-Green-thumb-KEY_1.jpg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7215cd27128004863d52e67755d36ea3a8317bc9b818d860f67866e8f25023ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3954
x-nc: MISS yyz 4
last-modified: Thu, 04 Jul 2024 08:42:28 GMT
server: nginx
etag: "28c3068417a8fe4b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.forksforum.com/wp-content/uploads/2024/07/36728281_web1_240704-FOF-Green-thumb-KEY_1.jpg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:28 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/www.shorenewsnetwork.com/wp-content/uploads/Reuters_Direct_Media/USOnlineReportDomesticNews/tagreuters.com2023binary_LYNXMPEJ3O0V2-BASEIMAGE.jpg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b1012842202ba2c9bffb8d18d4b612352b0d807512dd379c313f1448f24947c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1962
x-nc: MISS yyz 2
last-modified: Thu, 20 Jun 2024 22:36:46 GMT
server: nginx
etag: "70d739c12650821a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.shorenewsnetwork.com/wp-content/uploads/Reuters_Direct_Media/USOnlineReportDomesticNews/tagreuters.com2023binary_LYNXMPEJ3O0V2-BASEIMAGE.jpg>; rel="canonical"
expires: Sun, 21 Jun 2026 10:36:46 GMT

GET
H2 200 74174835007-bens-store-closing-2.JPG
i1.wp.com/www.gannett-cdn.com/authoring/authoring-images/2024/06/21/PDEM/ 8 KB
0 2ms
2ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3273b42ec1461385656f90e4b21e7197602f4bf6a4915dc2e46f64f2fdc29b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
x-bytes-saved: 516
alt-svc: h3=":443"; ma=86400
content-length: 8445
x-nc: MISS yyz 1
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "e02a82543af8924d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.gannett-cdn.com/authoring/authoring-images/2024/06/21/PDEM/74174835007-bens-store-closing-2.JPG>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H2 200 7bb619a71962d9fe267d903e57bff1d4
i1.wp.com/media.zenfs.com/en/the_independent_577/ 4 KB
0 2ms
2ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/media.zenfs.com/en/the_independent_577/7bb619a71962d9fe267d903e57bff1d4?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

aa83ceb03e5568ba0a0379d214f746e01fae32533b389e42d0199456dcc4e2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
x-bytes-saved: 132
alt-svc: h3=":443"; ma=86400
content-length: 3958
x-nc: MISS yyz 3
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "63163d6c4a10085e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://media.zenfs.com/en/the_independent_577/7bb619a71962d9fe267d903e57bff1d4>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H2 200 Unknown-16.jpeg
i0.wp.com/www.uww.edu/images/mmr/news/2024/07Jul/ 4 KB
0 2ms
2ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.uww.edu/images/mmr/news/2024/07Jul/Unknown-16.jpeg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0b2ca1d588b2e79c5a2c8a3cb42e01a40bfd3f8b2a5634e3cc0a74741d620ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4356
x-nc: MISS yyz 2
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "490a9bafeab8f2be"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.uww.edu/images/mmr/news/2024/07Jul/Unknown-16.jpeg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H2 400 resize
i3.wp.com/images.ladbible.com/ 87 B
87 B 78ms
74ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.wp.com/images.ladbible.com/resize?type=webp&quality=70&width=1200&fit=contain&gravity=auto&url=https://images.ladbiblegroup.com/v3/assets/blt949ea8e16e463049/blt17f0cd74303be90f/6686560c9232e21ac32fac75/netflix-film-most-disturbing-yet.png&w=150&resize=150,150&ssl=1
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i0.wp.com
Software: nginx /
Resource Hash: 3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT yyz 4
date: Thu, 04 Jul 2024 08:42:30 GMT
server: nginx
alt-svc: h3=":443"; ma=86400
content-type: text/html; charset=utf-8

GET
H2 200 00noncompete-hqcz-facebookJumbo.jpg
i0.wp.com/adherents.com/wp-content/uploads/2024/07/ 3 KB
0 2ms
2ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/adherents.com/wp-content/uploads/2024/07/00noncompete-hqcz-facebookJumbo.jpg?w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4ed8f562586c812a72b02c5295582360a3947f5cfe276a9fe1e3c8a35069c692

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3406
x-nc: MISS yyz 2
last-modified: Thu, 04 Jul 2024 08:42:28 GMT
server: nginx
etag: "d8527e97c98f9cef"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://adherents.com/wp-content/uploads/2024/07/00noncompete-hqcz-facebookJumbo.jpg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:28 GMT

GET
H2 200 15020111_grocery-store-file-img.jpg
i3.wp.com/cdn.abcotvs.com/dip/images/ 8 KB
0 3ms
3ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/cdn.abcotvs.com/dip/images/15020111_grocery-store-file-img.jpg?w=1600&w=150&resize=150,150&ssl=1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

497920432082d9ba542b756f92e3ea31e633315f321f948131282e1a094fba87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:29 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7686
x-nc: MISS yyz 2
last-modified: Thu, 04 Jul 2024 08:42:29 GMT
server: nginx
etag: "1552dcb06199ca77"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://cdn.abcotvs.com/dip/images/15020111_grocery-store-file-img.jpg>; rel="canonical"
expires: Sat, 04 Jul 2026 20:42:29 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 377 B
512 B 571ms
91ms Script
text/html 149.56.240.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4636861&@f16&@g1&@h1&@i1&@j1720082550540&@k0&@l1&@mEuropean%20School%20of%20fest%20%E2%80%93%20School%20News%20Update%202024&@n0&@o1000&@q0&@r0&@s0&@ten-CA&@u1600&@b1:95324832&@b3:1720082551&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Feuropeanschoolofesthetics.ca%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.132 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534300.ip-149-56-240.net
Software: /
Resource Hash: 7e306c677ade23d6369ede0a5ad38292f816e4bea8b3abe31ef8d4e3125123dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 08:42:39 GMT
Connection: close
Content-Length: 377
Content-Type: text/html;charset=UTF-8

GET
H/1.1

200
OK

watch.663942221091.js
poundswarden.com/
Redirect Chain

https://poundswarden.com/watch.663942221091.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22european%22%2C%22school%22%2C%22of%22%2C%22fest%22%2C%22%E2%80%93%22%2C%22school%22%2C%22news%22%2C%22up...
https://poundswarden.com/watch.663942221091.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22european%22%2C%22school%22%2C%22of%22%2C%22fest%22%2C%22%E2%80%93%22%2C%22school%22%2C%22news%22%2...

1 KB
2 KB

116ms
115ms

XHR
text/html

172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://poundswarden.com/watch.663942221091.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22european%22%2C%22school%22%2C%22of%22%2C%22fest%22%2C%22%E2%80%93%22%2C%22school%22%2C%22news%22%2C%22update%22%2C%222024%22%5D&pst=1720082611&refer=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&res=14.31&rmtc=t&shu=b3f48f6171d8a7fd64ff08742623669c41cef07362f7cf5165451db1e24cf6cbcc71e75c23133a5b15fb9f5338590385c290b8030e8106ec633fbf55f292a735125115ac8a23b1784b470c753f61ff645514aadcd0042faa03cd09843f40&tz=-7&uuid=42f38d7b-e6f0-44f4-b447-69d3efa84c3b%3A2%3A1

Requested by

Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/

Protocol

HTTP/1.1

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://europeanschoolofesthetics.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 04 Jul 2024 08:42:31 GMT
Custom-Referer: https://europeanschoolofesthetics.ca
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: b2e17aa7f76f03d8a47c7af28b268e2c
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://europeanschoolofesthetics.ca
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Thu, 04 Jul 2024 08:42:31 GMT
Custom-Referer: https://europeanschoolofesthetics.ca
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: 160b8c5e6333cf2d6c057ecd0ed7ff05
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://europeanschoolofesthetics.ca
Location: https://poundswarden.com/watch.663942221091.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22european%22%2C%22school%22%2C%22of%22%2C%22fest%22%2C%22%E2%80%93%22%2C%22school%22%2C%22news%22%2C%22update%22%2C%222024%22%5D&pst=1720082611&refer=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&res=14.31&rmtc=t&shu=b3f48f6171d8a7fd64ff08742623669c41cef07362f7cf5165451db1e24cf6cbcc71e75c23133a5b15fb9f5338590385c290b8030e8106ec633fbf55f292a735125115ac8a23b1784b470c753f61ff645514aadcd0042faa03cd09843f40&tz=-7&uuid=42f38d7b-e6f0-44f4-b447-69d3efa84c3b%3A2%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
e.dtscout.com/e/ 7 KB
4 KB 788ms
361ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4636861&@f16&@g1&@h1&@i1&@j1720082550540&@k0&@l1&@mEuropean%20School%20of%20fest%20%E2%80%93%20School%20News%20Update%202024&@n0&@o1000&@q0&@r0&@s0&@ten-CA&@u1600&@b1:95324832&@b3:1720082551&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Feuropeanschoolofesthetics.ca%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:31 GMT
x-t: 0.218
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sze2rVeUNzyVVmnMEfGWBJZ0YhEOBvi1sWgWBKW93Ca%2BftS5cY%2Fom5aXUE%2FyD6HrPfMLUbLLltCx1SK5oN0rWFhHW6eJprbkFsKhmpdkIaFUvPoLrU%2BTBzmZ6nyVVuIkKAGmQIffA5on2ug%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 89ddd28b8a97e157-ORD
expires: Thu, 04 Jul 2024 08:42:30 GMT

GET
H2

200

Primary Request / Show response
finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/
Redirect Chain

https://pro.redaffil.com/phxUjW/?utm_source=3576&utm_campaign=16691144&clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139

34 KB
21 KB

638ms
268ms

Document
text/html

2606:4700:3037::6815:537f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
Requested by: Host: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:537f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f309cfc067e7d7c912baac155235ebc91bef901be149881047aa96b715a202b9

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://europeanschoolofesthetics.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89ddd28fcdddaca0-YYZ
content-encoding: br
content-type: text/html
date: Thu, 04 Jul 2024 08:42:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCmFo3ArhSFA%2FmgL39QyzFLWtlN2Z3mQst1RuZOrd1fFNzOqnawtmoPFxAAlHYRahQZoOH4LzXrgmiWjVffyb62BDsxZdqIPdj9Hnupx7G8o38IgQAAVoGOn5hEmslV4Gd8bVoFdU%2Fe537taE8DEFUiT"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89ddd28c8a9536a5-YYZ
content-type: text/html
date: Thu, 04 Jul 2024 08:42:31 GMT
location: https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMVImYUgU7%2BZXpWVIp1yTqFueiqb6dTjZmZG2Bjl5jjde2arNGVXnexuevyNoy2BF7YOSJZxGsyfcyYLsDM%2BtBnWQBQENOaDx0uHCUZLi%2FYJQJAamPJmLmz4FqQb47dwIzwho6zfe%2FeQG%2FUixUc4"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 62164-featured-300x300.jpeg
europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/ 13 KB
14 KB 443ms
442ms Image
image/jpeg 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/62164-featured-300x300.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:32 GMT
cf-cache-status: MISS
last-modified: Sat, 22 Jun 2024 05:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3421-66765ae6-696cf84;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jLLcJW%2B7JJbhtYvN%2BsOl18pw8N39j3TyTPZ9XfjrzzvCvkPrVVCRD2QMTg7h6KiYIc546WgkYbhdtD8V3Mj65Ggj63E9cKkxkSosXtuXm%2FjcPaR%2FV6P5DP03anlBAkdHCyJSkJe19D62Ky6APuJtOcPvroDasv6dZts"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 89ddd28c78ef39fb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 13345
expires: Thu, 04 Jul 2024 20:42:32 GMT

GET
H3 200 40238-featured-300x300.jpg
europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/ 15 KB
15 KB 453ms
452ms Image
image/jpeg 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/40238-featured-300x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:32 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Jul 2024 01:42:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3a14-66820985-69748e4;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3iZ2YvqQLcUbHvaXCMAivKCj5JGC%2FZV6QHGvhBR8how2uj%2BZosrDxc6QqJSpKwCOJmKPztnCnYlgZWfAydcG%2FFtVWhYRDhMxHULY%2BUo%2BX4JcXiaAlgVHPE%2BlNH2ZY8WOVrYeceS9Il2eI6zwz9wNNhk%2Bgx9tw%2BYhfrjG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 89ddd28c78f039fb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 14868
expires: Thu, 04 Jul 2024 20:42:32 GMT

GET 17024-featured-300x300.jpg
europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/ 0
0

GET
H3 200 35798-featured-300x300.jpg
europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/ 14 KB
15 KB 451ms
450ms Image
image/jpeg 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/35798-featured-300x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:32 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Jul 2024 10:39:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3924-66828767-696b6a0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMshrxYE05OTK4RPeSi6Q5jJ7DlUZwfzneGha7Sityc6WWSnPju6dc7xNNzA2vXjFy1fCOlF%2BmVZpTH1ejES9lv88jvN718Iz8EnnirW77GZOXpVF1x0iM5WGmxMqZNyf7%2BV6%2FyLGNNX2WrLNfCsoj0aSFmBWof1wb2E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 89ddd28c78f239fb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 14628
expires: Thu, 04 Jul 2024 20:42:32 GMT

GET
H3 200 5633-featured-300x300.jpg
europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/ 14 KB
15 KB 234ms
234ms Image
image/jpeg 2606:4700:3032::ac43:9c04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/5633-featured-300x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:31 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Jun 2024 18:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "385f-665e08a4-6969fa7;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2BQZEipjsptxTFQ3GtRWsiLump%2B3sJeWKNvbpQyGsPQlyjWxPvjQSn6B6buO6u2XfrO6erlqUMKFoLiEa7TecNeUcMEaj61WPCoELolFvLYZqZSBtyWDg2KUz1wgHc7ASMIctpUjmb2MfdtjEJ2U2wAS4%2F%2BbPw7SdV6o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 89ddd28c78f439fb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 14431
expires: Thu, 04 Jul 2024 20:42:31 GMT

GET
H2 200 sfp.js
recordedthereby.com/ 83 KB
28 KB 489ms
120ms Script
application/javascript 2606:4700:3035::6815:5b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedthereby.com/sfp.js

Requested by

Host: mariadock.com
URL: https://mariadock.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:32 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: f7d14a8277b48593d59a5fd25e342304
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BX9STIQVX8J16E%2B313YLZ3Ml64igGIL071Fx%2BqfiNBavw%2BOFEap0%2FEvR8EkfsNSfnb9ggXX2mS%2F7MnK7JEHrPwfjpOUa8XBcAAmL1rcCzk1H3%2FgXtXU%2Bt9pb0VBCyqHY2faLHUvO9ocfSSAHk86poxc2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, max-age=0, private, no-cache
cf-ray: 89ddd28f9cbeac88-YYZ
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET purst
absenceoverload.com/pixel/ 0
0

GET
H/1.1 200
OK ren.gif
mariadock.com/ 7 B
733 B 128ms
128ms Image
image/gif 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mariadock.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzW8bxRuedatKvx8IBBIc4LIHJFq1ctZrr43VQ5ukFEISWtqgFNFDZ3dnnalnZ1Yzu94kvUStVHo0Nz4um8f5KLRIcEYIZJcDssRhbzmQC%2FwBSL1yQE4sRbyj0fvOPM%2BM3ueZebidHRIXGT1Qy2qTC0FnvKpjn13lMlS5sT9csWtO1blor3LZbFy015uNc%2FZskgi2yvxFns549Va13rTPLr6%2Fsrx0wRa8y%2Bz3WNBV5%2Bz5Na1iNlNzm1VnMuybNKKaT4%2BAJ09rzQnkOl61%2FQ7W9X%2FXJrNgqIWwd0heBQ%2FLl34dFuDBEDL%2B%2Fgoz3VQlF96NM0FTpdEL9z%2BWXalyifikjLSFSO5P2VCmJOSLCpTcnwqE6u1MBMLnJan87zZ8uXfcN%2FzeoOY24QswCT98AXlvCCaG4HSIQD0AD99GEGJ%2BFjLem6eShvQYoxOsJJV7f4HnJTl19z5k%2FGSOCWFPaetRAb4%2BBO8MkWQjpJv%2FgOcjBOl98PB3cvvHi5Dx42UlU82oAA%2BPlXM%2BBI%2BGEKwPaixkk8ktZFEFWVJBHB7Yjue0m54b1ILI8TxW9%2Brttu%2B2Q8ehtZbnRciCSX99pEkfgegj0FtI9Ba6vA%2Bd%2FQKzVsCEFkxaEuujLfTCAjkjyA1BTglyTpCnBHmv2A2FcU2xFwqT%2BbVpdqe5XgxU2tmmuyrtMElAdR86LLaTQ%2FLKxCDr08e30GUHtkMbbqPut2ue36QsagWs2XDaUb3RboVtL%2FJheAFuKkeSN3lJWvdaSHhJTo2ew6cjGDFCwE%2BBZjXQvABdK7Apv6OZpinrSlWVLEWoCiTpaaQb1rY4JG8evdG155%2BABePLrzn2s693%2F0SgCyS6wF3%2BjKAjHg1uqJzs3FC5IT9cS1Ie802aciVvpjRlp79dZBu50uHCFdP%2FZjaYAJPy6Qoz6RKVIZcdQ57M8TBk%2BqrSASM%2FLZhV5l%2FPzNpcpmWWLF2fv7oQJ5oZw5UcgvKSWKaNgJfk5Tvx0bc8v3ULXA%2BhswJxNibTAFcjBMkWTDK%2BfObMW3%2FMvFHAKAItTjh%2BYiHPioF2%2FZNNwUsyUz0NwcaXNl7%2F7HzlxQ9A%2FQKGnRjhs%2FHPfx%2FzB5pObqC82DaP0NEWaPoAMi7Q0wV6ogAVfZjs%2F4M00eNLv305ia%2FgC2vgC23t%2BEKLz4%2BtNvzApk7gNhue69edKPCa1IsaboM1gqhR812v5iA1ZfTwTv4vAAAA%2F%2F8BAAD%2F%2F%2Bwhx0ybBAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 08:42:31 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: 3d8006c4478454ba65104b838b71cc7b
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
mariadock.com/ 7 B
733 B 103ms
103ms Image
image/gif 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mariadock.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz48URRitHgiJP6LRRA966YOJEMhsT8%2F0DBMO%2FFhEERAEzGLkQHVX9Wwx1VWdqu7pZblsIEGO480fl9437C4KJno2RjODBzOJh77twb3oH2DC1YOZ3Uk2fpXK91W9V5XvvaoH6%2FkO8ZHTbX1Jrwop6UJQ99zDS0IxXVj3o%2Btuw6t7J9wlodqtE%2B5Ku3XEPZ2mki%2Fx8ILIFoJmp95su4cvfHD90sVjrhR97r7Po74%2B4i4uG53whYbfrnuz4V6jMTVifgQifdpozyDfC%2Brd41gx%2F1%2Fb3IGlDthgh7wOwapXfhuXENEYKvnhLLf9TKfH3ktySTNtMGBbn6i%2B0oVCsl%2FGxkGstuZsaFsR8mUNWm3NBUIPHs0EIhQVqb1wE6Ha3Osb4WDU8NsIJbhCyF5CMRiDyzEEHSPS9yHYu4gYFk9DJZuLVFFG9zA6wypSu%2Fs3RFGRA7fvQSVPznAp3TltJS4hVsYQvTHSfIJs9V%2BIYoIouwfB%2FiA3fzoBlTy%2BpFVmOJUQbE%2B5EGOIeAzJh6DWQT6bwkEe15CnNSRs2%2FUCr9sO%2FKgRxV4Q8GbQ7HZDv8s8jzY6QRAjj2b9DZGlQ0RyiMisITVr6IshTP4r7HIJyxzYrCLOx2sYsBIFJygsQUEJCkFQZATFoNxg0vq23GTS5mFjnv15bpYjnfXW6YbOelwRUDOEYeV6ukNemxnkfPb4Bvp82%2FVoy281w24jCNuUx52It1teN262uh3WDeIQVpQQtrYreVVUpHO3g1RU5MDkOUI6gZUTROIAaN4ALUrQ5RKr6nuaG5rxvtJ1xTMwXSLNDiK746zLHfL27htdfv4peDQ99YbnPvtm4y9EpkRqStwWzwh68uHoqi7Io6u6sOTHy2kmErFKM6HVtYxm%2FOB3F%2FidQht2%2Fqwdfns6mgGz8ul1brOLVDGhepY8OSMY4%2BacNhEnP5%2B3Szy8ktvlM7lReXrxyuK580lquLVCqzGoqIhju4hERV69lex%2By6NrNyDMGCYvkeRTMg8IPUGUrsGm01OHDr3z58JbJawmMHKfE6YOirwcGT%2Fc35SiIgv1g5B8evLOm58frb38IWhYwvJ9I0I%2B%2FeWfPf7I0NkNVJTr9iF6xgHN7kMlJQamxECWoHIIm784ylIzPfn7V7P4GqF0RqE0zqNQGvnFntVWbLuMN5usy6Ow4Qf8OIuiphfwwIsYb7TaftNHZqv4wa3iPwAAAP%2F%2FAQAA%2F%2F%2FglB1gmwQAAA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 08:42:31 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: ec6eff2932f0fca0f15b6eb5800c2afa
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 l1.jpg
cdn.cloudimagesb.com/26e/7e6/045/ 64 KB
64 KB 494ms
135ms Image
image/jpeg 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/26e/7e6/045/l1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 06 Jul 2024 08:42:32 GMT
date: Thu, 04 Jul 2024 08:42:32 GMT
last-modified: Tue, 11 Jun 2019 16:14:09 GMT
server: nginx/1.21.6
etag: "5cffd351-ff56"
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
content-length: 65366
x-proxy-cache: HIT

GET /
t.dtscout.com/idg/ Frame DA60 0
0

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 24 KB
8 KB 498ms
117ms Script
application/javascript 108.138.85.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-14.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Pe6GIZEM6dgqeqUvm6LottgOapPgk7ue
content-encoding: gzip
via: 1.1 878742d0ad1850cbfc7910a5c4919ed0.cloudfront.net (CloudFront)
date: Wed, 03 Jul 2024 08:57:46 GMT
last-modified: Tue, 27 Feb 2024 18:38:56 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P2
age: 85486
x-amz-server-side-encryption: AES256
etag: W/"20ad935553b73dd8a08c669492e0a0a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: gPiDsqUrAw0lPslEA2R9JvrTaaDrLxzgo2ntCkJMUtxnu2W5qsr1Jw==

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 2 KB
3 KB 580ms
95ms Script
application/javascript 3.21.82.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.21.82.98 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-21-82-98.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 08:42:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js
cdn.tynt.com/ 19 KB
6 KB 346ms
83ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:01 GMT
server: cloudflare
age: 236220
etag: W/"651ed18d-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 89ddd28f4dd836ae-YYZ
expires: Sun, 07 Jul 2024 08:42:32 GMT

GET
H2 200 /
t.dtscout.com/pv/ 51 B
389 B 193ms
150ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=europeanschoolofesthetics.ca&_ss=5p7o013k54&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=2ddz&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://europeanschoolofesthetics.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:32 GMT
x-t: 0.156
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4BXU77JYEP1oaKxrgESwICkT3QjMAJOL77bIQKNcwUnC0Zfwya%2F367Uir0GLLvLvNVE43EuTCqQVpjEZdh2wwwgBvqvAqf%2FYbQs3nceTjjE1f4%2BLOBC0rp%2FzyelIyBKMgzwih131n6Ns8r4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 89ddd28dfbeae157-ORD
expires: Thu, 04 Jul 2024 08:42:31 GMT

GET advertisers.js
capaciousdrewreligion.com/ 0
0

GET p
ic.tynt.com/b/ 0
0

GET /
onetag-geo.s-onetag.com/ 0
0

GET t.dhj
t.sharethis.com/1/k/ 0
0

GET dtscout
pd.sharethis.com/pd/ 0
0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 conf.json Show response
finishedwarmth.club/hood/ZmluaXNoZWR3YXJtdGguY2x1Yg==/ 49 B
408 B 121ms
121ms Fetch
application/json 2606:4700:3037::6815:537f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finishedwarmth.club/hood/ZmluaXNoZWR3YXJtdGguY2x1Yg==/conf.json
Requested by: Host: finishedwarmth.club
URL: https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:537f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43611fef3e2f0a941318f30329715a96070e76bfe232dc66d4ca3dce8e2d5b82

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform-version: "10.0.0"
Referer: https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 14 May 2024 16:50:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66439646-31"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tB15oPuQOwUVur%2BdQeYFOpiIXL5BXvWBrYbD5GrM4x6tGsel1xaEgzrO5%2FuS1zR7SAFQowdc0NQuQX5n8ArZ1O2Rsj%2Ffp8d6aJLMbl2PD3UnrseUpAfr4e6O1IgX1xEqpjBZdlr7rgXmeGUOKxboSkiM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89ddd291deb1aca0-YYZ
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 ht.js Show response
sdk.ocmhood.com/sdk/ 33 KB
13 KB 504ms
108ms Script
application/javascript 2606:4700:20::681a:7e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eaUxNDY4MjE0NoZc
Requested by: Host: finishedwarmth.club
URL: https://finishedwarmth.club/6hvS81UHxfd-fr-GV0tUFZJU7LilvsiOLY_yuOaIAMM/?clck=3d6039a6d43cc1aacb09c77ed3b7de98&sid=22609139
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81195ecef1ef260cddab7b3ab6123888768242882b856b5fab360f25850a9fa1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://finishedwarmth.club/
Origin: https://finishedwarmth.club
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:33 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4799
alt-svc: h3=":443"; ma=86400
content-length: 12460
service-worker-allowed: /
last-modified: Tue, 09 Apr 2024 11:24:49 GMT
server: cloudflare
etag: "66152581-30ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXdzkBnBvN6PFD6r4%2FgJynStyrYFsRBXcdzeu6uIkjFRoktK8a7i98BxF8tB%2FT9SXncaFOB4eUlms%2FbeV8KzvsnJU%2FY%2FCvqWJ4pZ2hrfZ8QOr0HPIhlVhuMH2MuTZlIfSLBwFM4M4GZhAweaWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89ddd2951c58b40b-YYZ

GET
H3 200 NjY4ZwSkNAFfmDQ2eaUxNDY4MjE0NoZc.js Show response
cdn.ocmtag.com/tag/ 423 B
816 B 476ms
102ms Script
application/javascript 2606:4700:3037::ac43:84bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2eaUxNDY4MjE0NoZc.js
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eaUxNDY4MjE0NoZc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:84bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64950a464d091453cea3e04824ea8fe223a3d0daf06987f99765796fcd08e7ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://finishedwarmth.club/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:42:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3522
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /
last-modified: Wed, 03 Jul 2024 06:15:59 GMT
server: cloudflare
etag: W/"6684ec9f-1a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMSjrAHMUNJO4PZATQmpE9Dg6wF2gQvzP5RPk6ulPbhUMT3Tts6iUWDPtZ8uIqr%2BVvC5msElXN5do1nZKkOvwzvq2XNwkoX3vTY6obRWpPimY5enFGPWRMEDfEy7n%2BeHXg4ncCNW5lP6C2LBxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89ddd298bddc39db-YYZ

POST
H3 201 activity
t.ocmhood.com/v2/ 0
446 B 480ms
110ms Ping
application/octet-stream 2606:4700:20::681a:7e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eaUxNDY4MjE0NoZc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://finishedwarmth.club/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jul 2024 08:42:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BlophWw2DlidnlI7z8vASD7yHTUCcvZbVebldXyFIjMsYn3qF8s3fVJrxo3nBySqpBNkZGbGKNyra5t4RC%2FIEY8D7bJ8Wr%2B1GLV7sfu42xlB8dPHpdAbaz4Sq6CIjT4rLLKxSN04YD4%2BOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 89ddd29bacfdaaa2-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 201 activity
t.ocmhood.com/v2/ 0
414 B 490ms
122ms Ping
application/octet-stream 2606:4700:20::681a:7e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eaUxNDY4MjE0NoZc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://finishedwarmth.club/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jul 2024 08:42:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMrRVK9zekm%2BU3%2FH9S99S1kqGumZvXZkNBe3DtqRTh%2BjXgMttX2iib6d92Pb1IfzeolFLzMVMHf39MkL%2B9A3gZMWwaq%2BdmCQ%2BfNJ5RzsVpLZow0psYTy4Iaj58TjtnxCjH7ZUA1ztcRz9QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 89ddd29bacfeaaa2-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 201 activity
t.ocmhood.com/v2/ 0
414 B 110ms
110ms Ping
application/octet-stream 2606:4700:20::681a:7e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eaUxNDY4MjE0NoZc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://finishedwarmth.club/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jul 2024 08:42:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDcr5r8HsBT3k4zmAc%2FR1O%2BurER05JopWEXlbBoxMURjLWVuWbIoUWY9eLTWf%2FKweJZTa5rP7gv%2BxNppvpmdUxTFBQks6IXLkoPBv%2BK3LEd7oS0VnOrJJed%2FdJEqmIvyYMtb8VgC1DeP1jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 89ddd2a02e8baaa2-YYZ
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: europeanschoolofesthetics.ca
URL: https://europeanschoolofesthetics.ca/wp-content/uploads/wordpress-popular-posts/17024-featured-300x300.jpg

Domain: absenceoverload.com
URL: https://absenceoverload.com/pixel/purst?dl=0&th=0&sc=0&rs=6136.10000038147&rd=6136.10000038147&fd=1760.4000005722046&bv=24.5.8221&tmpl=136

Domain: t.dtscout.com
URL: https://t.dtscout.com/idg/?su=51A01720082551E3C3768A6001113205

Domain: capaciousdrewreligion.com
URL: https://capaciousdrewreligion.com/advertisers.js

Domain: ic.tynt.com
URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1720082552345&dn=AFWU&iso=0&pu=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&t=European%20School%20of%20fest%20%E2%80%93%20School%20News%20Update%202024&chpv=10.0.0&chuav=Not%2FA)Brand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D126.0.6478.126%2C%20Google%20Chrome%3Bv%3D126.0.6478.126&chp=Win32&chmob=0&chua=Google%20Chrome%3Bv%3D126%2C%20Not%3AA-Brand%3Bv%3D8%2C%20Chromium%3Bv%3D126

Domain: onetag-geo.s-onetag.com
URL: https://onetag-geo.s-onetag.com/

Domain: onetag-geo.s-onetag.com
URL: https://onetag-geo.s-onetag.com/

Domain: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.5130528643388825&stid=ZGMAA2aGYHgAAAAJB3inAw%3D%3D

Domain: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Feuropeanschoolofesthetics.ca%2F&event_source=dtscout&rnd=0.5130528643388825&exptid=ZGMAA2aGYHgAAAAJB3inAw%3D%3D&fcmp=false

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
europeanschoolofesthetics.ca/	1970-01-21 06:33:38	Name: HstCfa4636861 Value: 1720082550540
europeanschoolofesthetics.ca/	1970-01-21 06:33:38	Name: HstCla4636861 Value: 1720082550540
europeanschoolofesthetics.ca/	1970-01-21 06:33:38	Name: HstCmu4636861 Value: 1720082550540
europeanschoolofesthetics.ca/	1970-01-21 06:33:38	Name: HstPn4636861 Value: 1
europeanschoolofesthetics.ca/	1970-01-21 06:33:38	Name: HstPt4636861 Value: 1
europeanschoolofesthetics.ca/	1970-01-21 06:33:38	Name: HstCnv4636861 Value: 1
europeanschoolofesthetics.ca/	1970-01-21 06:33:38	Name: HstCns4636861 Value: 1
proftrafficcounter.com/	1970-01-21 07:24:02	Name: uid_id2 Value: e4c3b997-64b5-4bdb-94ba-df4e994461cb:1:1
europeanschoolofesthetics.ca/	1970-01-20 21:58:07	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: e4c3b997-64b5-4bdb-94ba-df4e994461cb%3A1%3A1
poundswarden.com/	1970-01-20 21:49:28	Name: u_pl Value: 22609139
poundswarden.com/	1970-01-20 21:48:02	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjYwOTEzOSwiayI6ImQxYTVlNTAwZWQyNTVjYzRlYmY4MjJmZjJhZTQ4MjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjM2MDIzLCJwaWQiOjI0Njc3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Img1MjBmMWJneXMiLCJjcGtzIjp7IjI4IjoiNjllNzllMjQ4Y2Y2YzY0OTE3YmQwZDE3MDhiNzEzOTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI0Nzg0MTQ0MCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzMzQ2OCwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjM5LCJjIjoiQ0EiLCJuIjoiQ2FuYWRhIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmVsbCBDYW5hZGEifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2V1cm9wZWFuc2Nob29sb2Zlc3RoZXRpY3MuY2EvIiwiYXIiOltdfX0.R3MnSa1-1G7xoXcsn-L0irvKWj8-0G9lxG2Y6ZwKCVw
poundswarden.com/	1970-01-20 21:58:07	Name: uid_id2 Value: 42f38d7b-e6f0-44f4-b447-69d3efa84c3b:2:1
poundswarden.com/	1970-01-20 21:49:28	Name: iprc07fa26915b842858f127cd97a23b30b0 Value: 5323893
poundswarden.com/	1970-01-20 21:49:28	Name: pdhtkv Value: true
poundswarden.com/	1970-01-20 21:49:28	Name: uncs Value: 1
poundswarden.com/	1970-01-20 21:49:28	Name: pdhtkv5 Value: true
poundswarden.com/	1970-01-20 21:49:28	Name: uncs5 Value: 1
mariadock.com/	1970-01-20 21:49:28	Name: u_pl Value: 22784088
mariadock.com/	1970-01-20 21:49:28	Name: pdhtkv Value: true
mariadock.com/	1970-01-20 21:49:28	Name: uncs Value: 1
mariadock.com/	1970-01-20 21:49:28	Name: pdhtkv49 Value: true
mariadock.com/	1970-01-20 21:49:28	Name: uncs49 Value: 1
mariadock.com/	1970-01-20 21:48:02	Name: nlec0a4243b915b6aef7ce6409f3497d95fb Value: [5239641]
europeanschoolofesthetics.ca/	1970-01-20 21:48:02	Name: m5a4xojbcp2nx3gptmm633qal3gzmadn Value: mariadock.com
.dtscout.com/	1970-01-20 21:48:07	Name: m Value: 1
.dtscout.com/	1970-01-20 21:48:06	Name: st Value: 1
.dtscout.com/	1970-01-21 00:12:02	Name: df Value: 1720082551
.dtscout.com/	1970-01-20 23:56:12	Name: l Value: 51A01720082551E3C3768A6001113205
europeanschoolofesthetics.ca/	1970-01-20 21:48:06	Name: pp_main_de40747527625eb4f2cfd573cb92ac16 Value: 1
europeanschoolofesthetics.ca/	1970-01-20 21:48:02	Name: pp_idelay_de40747527625eb4f2cfd573cb92ac16 Value: 1
.sharethis.com/	1970-01-21 06:33:38	Name: __stid Value: ZGMAA2aGYHgAAAAJB3inAw==
.sharethis.com/	1970-01-21 06:33:38	Name: __stidv Value: 2
finishedwarmth.club/	1969-12-31 23:59:59	Name: session Value: 5yl3zPGFdghU7lxXs4V-a7-zMmj1BFyg
.finishedwarmth.club/	1970-01-21 06:33:38	Name: _ht_v Value: 1720082553.2356516606
.finishedwarmth.club/	1970-01-20 21:48:04	Name: _ht_s Value: 1720082553.2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://europeanschoolofesthetics.ca/(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://europeanschoolofesthetics.ca/(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://i3.wp.com/images.ladbible.com/resize?type=webp&quality=70&width=1200&fit=contain&gravity=auto&url=https://images.ladbiblegroup.com/v3/assets/blt949ea8e16e463049/blt17f0cd74303be90f/6686560c9232e21ac32fac75/netflix-film-most-disturbing-yet.png&w=150&resize=150,150&ssl=1 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://i3.wp.com/images.ladbible.com/resize?type=webp&quality=70&width=1200&fit=contain&gravity=auto&url=https://images.ladbiblegroup.com/v3/assets/blt949ea8e16e463049/blt17f0cd74303be90f/6686560c9232e21ac32fac75/netflix-film-most-disturbing-yet.png&w=150&resize=150,150&ssl=1 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

absenceoverload.com
capaciousdrewreligion.com
cdn.cloudimagesb.com
cdn.ocmtag.com
cdn.tynt.com
e.dtscout.com
europeanschoolofesthetics.ca
finishedwarmth.club
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
i0.wp.com
i1.wp.com
i3.wp.com
ic.tynt.com
mariadock.com
noisesperusemotel.com
onetag-geo.s-onetag.com
pd.sharethis.com
poundswarden.com
pro.redaffil.com
proftrafficcounter.com
recordedthereby.com
s10.histats.com
s4.histats.com
sdk.ocmhood.com
t.dtscout.com
t.ocmhood.com
t.sharethis.com
absenceoverload.com
capaciousdrewreligion.com
europeanschoolofesthetics.ca
ic.tynt.com
onetag-geo.s-onetag.com
pd.sharethis.com
t.dtscout.com
t.sharethis.com
108.138.85.14
149.56.240.132
172.240.253.132
172.64.153.173
192.0.77.2
192.243.61.225
2606:4700:10::6814:1247
2606:4700:20::681a:7e4
2606:4700:21::8d65:780b
2606:4700:3032::ac43:9c04
2606:4700:3035::6815:5b18
2606:4700:3036::6815:333a
2606:4700:3037::6815:537f
2606:4700:3037::ac43:84bf
2607:f8b0:4004:c17::5f
2607:f8b0:400d:c00::5e
3.21.82.98
3.230.124.203
45.133.44.9
0b2ca1d588b2e79c5a2c8a3cb42e01a40bfd3f8b2a5634e3cc0a74741d620ed9
0b7dfb4b3f8dcdd33057d97aca67e1aadfc3cb2f4155bf76bce2851773b31500
0e144301a9cc1342f995655e81f029b6af07a1fe976c8802202fa87004f9f4ee
25f8d252a34db20e41b9f3fcf51c022ad2f0876bd47be65caba671bb8bad7ccc
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1
3273b42ec1461385656f90e4b21e7197602f4bf6a4915dc2e46f64f2fdc29b5c
3863c3d532eb1e7e51237e88666e1b78f8ca7118997107416ba360ba3d6a2024
43611fef3e2f0a941318f30329715a96070e76bfe232dc66d4ca3dce8e2d5b82
497920432082d9ba542b756f92e3ea31e633315f321f948131282e1a094fba87
4b87cbc74f3ffaf08314a5d81b501be6fc36f553dbe446ef5a4b29f0138ba0b0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4ed8f562586c812a72b02c5295582360a3947f5cfe276a9fe1e3c8a35069c692
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
64950a464d091453cea3e04824ea8fe223a3d0daf06987f99765796fcd08e7ce
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076
65974d5ef3f8f8982fc478eaa4b0ab39f79132f8202b2cb7ea4b9a5c0b3c8c42
65b5e078d3c0601eda82a3a29ed8dc9d127346c7ffffb42d2f812d2438753b0f
7215cd27128004863d52e67755d36ea3a8317bc9b818d860f67866e8f25023ea
75011796d84b3e083d0b102535b105e11297a66b6797c137f6706996424aa9b9
7a8d25922476c7f97358dc3825d861349a6080ef104b3c4d558c65bc9ee3b2c3
7aff974bd95503affabc47bfa7da677108ec1c1ea0f54b4065814b355897c400
7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e306c677ade23d6369ede0a5ad38292f816e4bea8b3abe31ef8d4e3125123dd
8102305470c08e15e52ef92bcb8da00580ff3eb59d2c44406153d30a0e0bc829
81195ecef1ef260cddab7b3ab6123888768242882b856b5fab360f25850a9fa1
8a978e53aa8e093954baa8119e7a83c2c3f7804fbc2e6ab3a60b0a92212651b2
9054bc2c86a74a33e48d3b82fa5ba9e18a03401a46bf0ffffde465b657401c72
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a14ebdc0b896eadf1c237fda97fe9a2db82b1d08a5ac48f9a487ffaa6535c36b
aa83ceb03e5568ba0a0379d214f746e01fae32533b389e42d0199456dcc4e2ca
b1012842202ba2c9bffb8d18d4b612352b0d807512dd379c313f1448f24947c8
b8c79f77e165fc4fe718db72fbb1d5469db58792268362ffd4003f299ee24dcc
c895bb44a1ae7bdee7db37806e0bc61449fcfef31fa80a1dd55e02a23c3d54a6
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc1f348aca3447094ded24afee736d21571081e90a695a4967b9254177766b5e
e3210e1769d1dee8c52b604cfd5062637af41e84757c39e7b0d34c6961a5a953
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb685a6ab7b7b23117937542fd1f73f9bd946e9ceb98834e2f9e3bdd94e1dd39
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2
eff968d342d78b6a27e9270a9423e0caaa75b084382d95c3c806de467d7a9482
f309cfc067e7d7c912baac155235ebc91bef901be149881047aa96b715a202b9
fbf1fa55b44ba63ab78a2fdfcb46550a4efce9c4870a7f2d2d15256cb0b3e134

finishedwarmth.club Open in urlscan Pro 2606:4700:3037::6815:537f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

87 %HTTPS

53 %IPv6

21 Domains

29 Subdomains

19 IPs

2 Countries

663 kBTransfer

1320 kBSize

35 Cookies

0 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

finishedwarmth.club Open in urlscan Pro
2606:4700:3037::6815:537f Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

87 %
HTTPS

53 %
IPv6

21
Domains

29
Subdomains

19
IPs

2
Countries

663 kB
Transfer

1320 kB
Size

35
Cookies

84 HTTP transactions
2 data transactions