urlscan.io logo urlscan.io
SecurityTrails logo

www.leshastudios.com Open in urlscan Pro
66.152.183.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://leshastudios.com/
Effective URL: https://www.leshastudios.com/
Submission Tags: fd s2 d5 fd35916 Search All
Submission: On February 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 27 HTTP transactions. The main IP is 66.152.183.20, located in Los Angeles, United States and belongs to MULTA-ASN1, US. The main domain is www.leshastudios.com.
TLS certificate: Issued by R3 on February 10th 2022. Valid for: 3 months.
This is the only time www.leshastudios.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    66.152.183.20 (Los Angeles, United States)

ASN35916 (MULTA-ASN1, US)
PTR: daserver.bludomain3.com
leshastudios.com
www.leshastudios.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.64.109.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-109-90.txl50.r.cloudfront.net
cdn-images.mailchimp.com
1    52.216.230.53 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 leshastudios.com
leshastudios.com
www.leshastudios.com
2 MB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 gstatic.com
fonts.gstatic.com
62 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
83 KB
1 amazonaws.com
s3.amazonaws.com
140 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 4595
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
36 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1012 B
27 9
Domain Requested by
16 www.leshastudios.com 1 redirects www.leshastudios.com
4 www.facebook.com 2 redirects connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net www.leshastudios.com
connect.facebook.net
1 s3.amazonaws.com www.leshastudios.com
1 cdn-images.mailchimp.com www.leshastudios.com
1 www.googletagmanager.com www.leshastudios.com
1 fonts.googleapis.com www.leshastudios.com
1 leshastudios.com 1 redirects
27 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
mailchimp.com
Subject Issuer Validity Valid
leshastudios.com
R3		 2022-02-10 -
2022-05-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
cdn-images.mailchimp.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-19 -
2022-02-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.leshastudios.com/
Frame ID: D67D39A16A54CE854D7B08E90AFEC07D
Requests: 25 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df277ec3ff9bad58%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
Frame ID: 428A69F87BA01F707E72F01A82841722
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1af3d7a86c5c3%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
Frame ID: 11EBABF0DE4155C286594B04858A9CA7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lesha Studios - Turning Life Moments into Art - Welcome

Page URL History Show full URLs

  1. https://leshastudios.com/ HTTP 301
    http://www.leshastudios.com/ HTTP 302
    https://www.leshastudios.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

2778 kB
Transfer

3775 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://leshastudios.com/ HTTP 301
    http://www.leshastudios.com/ HTTP 302
    https://www.leshastudios.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=878036858873298&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df277ec3ff9bad58%26domain%3Dwww.leshastudios.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.leshastudios.com%252Ff15ab831d21128c%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FLeshaStudios%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df277ec3ff9bad58%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
Request Chain 24
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=878036858873298&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1af3d7a86c5c3%26domain%3Dwww.leshastudios.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.leshastudios.com%252Ff15ab831d21128c%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FLeshaStudios%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1af3d7a86c5c3%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.leshastudios.com/
Redirect Chain
  • https://leshastudios.com/
  • http://www.leshastudios.com/
  • https://www.leshastudios.com/
296 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
420e248aa782dc54e35196d3991d80184acc59ed4bbe7e27a15a2514fe6e449c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 10 Feb 2022 12:15:09 GMT
server
Apache/2
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
49060
content-type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 10 Feb 2022 12:15:08 GMT
Server
Apache/2
Location
https://www.leshastudios.com/
Cache-Control
max-age=2592000
Expires
Sat, 12 Mar 2022 12:15:08 GMT
Content-Length
213
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
css
fonts.googleapis.com/ 		2 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700|
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b1381e0378a017aa39244f545a297cbf256be371b0b03c803df804b327500a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 12:15:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 12:15:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 12:15:10 GMT
slick.css
www.leshastudios.com/blu_source/plugins/slick/ 		2 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/plugins/slick/slick.css
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:43:11 GMT
server
Apache/2
etag
"6e7-550c15656e9c0-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
564
expires
Sat, 12 Mar 2022 12:15:10 GMT
jquery-1.11.3.min.js
www.leshastudios.com/blu_source/plugins/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/plugins/jquery-1.11.3.min.js
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
gzip
last-modified
Sat, 26 Jan 2019 17:21:05 GMT
server
Apache/2
etag
"176d4-5805fab230240-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33277
expires
Sat, 12 Mar 2022 12:15:10 GMT
jquery.easing.1.3.js
www.leshastudios.com/blu_source/plugins/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/plugins/jquery.easing.1.3.js
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:43:16 GMT
server
Apache/2
etag
"1fa1-550c156a33500-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1986
expires
Sat, 12 Mar 2022 12:15:10 GMT
slick.js
www.leshastudios.com/blu_source/plugins/slick/ 		78 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/plugins/slick/slick.js
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
9ea979abb75fb511d18f934cca5ee835da997bdef0dab61e575c8d932d0217d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:43:12 GMT
server
Apache/2
etag
"13991-550c156662c00-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13534
expires
Sat, 12 Mar 2022 12:15:10 GMT
masonry.pkgd.min.js
www.leshastudios.com/blu_source/plugins/masonry/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/plugins/masonry/masonry.pkgd.min.js
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:43:08 GMT
server
Apache/2
etag
"7119-550c156292300-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8524
expires
Sat, 12 Mar 2022 12:15:10 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143850601-1
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ac481dc26af5c688bf160f4603c1959e276e08bb8d0cb97092bedaf04a321b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36129
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 12:15:10 GMT
icon-facebook-like-20.png
www.leshastudios.com/v1site_images/icons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.leshastudios.com/v1site_images/icons/icon-facebook-like-20.png
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
eaf535340d00b4481a08b66f8f0a6f9307619595b58f5623621bc4ec0cf7f82c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
last-modified
Tue, 30 May 2017 17:43:27 GMT
server
Apache/2
etag
"ff2-550c1574b0dc0"
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4082
expires
Sat, 12 Mar 2022 12:15:10 GMT
LS_LD-ELM_Long_Websitev2.jpg
www.leshastudios.com/v1site_images/logos/ 		635 KB
640 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.leshastudios.com/v1site_images/logos/LS_LD-ELM_Long_Websitev2.jpg
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
60f92713698dac677fe3b0236c3476f9c8dfa2975bc03a3cc3a7bea85b94875f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
last-modified
Sun, 02 Feb 2020 16:11:10 GMT
server
Apache/2
etag
"9ed43-59d9a0e0fe380"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
650563
expires
Sat, 12 Mar 2022 12:15:10 GMT
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.64.109.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-109-90.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 05:44:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2015 16:52:30 GMT
Server
AmazonS3
Age
23439
ETag
W/"ae0fc9b84c30cada1784022044962394"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
null
Via
1.1 33c97bbb27238fe2afd4da07b8379206.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
TXL50-P4
Content-Type
text/css
X-Amz-Cf-Id
IRSimjiWvsQ1s-hDrB89HlJsHbGQbp6WCsJm91sTfZFOcxeTKz0u8g==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.230.53 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 12:15:11 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
G4H69J0G0Z23VFWB
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
CZHSzTEuMDf8eks/gIDD99uwWt4OOpH485Pc/ea/T9nEdVymO2TnmgoC2bs+ytol+trFcRpI2/c=
soundmanager2-jsmin.js
www.leshastudios.com/blu_source/plugins/sm2/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/plugins/sm2/soundmanager2-jsmin.js
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
d07b45c8bd8711c050f2e5bf2878f29955fdaa278e6686ac2afb4652cc744ec5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:43:15 GMT
server
Apache/2
etag
"c829-550c15693f2c0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17946
expires
Sat, 12 Mar 2022 12:15:10 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9269c2c4ddc396ba1993de1f01c73a22c429a8412e61ce16dc7dac927dca6627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
B+Xv8rFaPy+p7MbMzNYuwA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 10 Feb 2022 12:17:03 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
8IvCZyjAJO4AtitYOu3SPmvvg1zi2K/Z7LqoX/c3ulc0TbEn56nHSENrS+mzuv/SlaEtBvUUuLK7chGDPmJqvQ==
x-fb-trip-id
686109401
x-fb-content-md5
bc99a3159c86887ca50e479a4dfdc966
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 10 Feb 2022 12:15:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0e11190291b0b2193c931ee2c6f9f958"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:33:29 GMT
x-content-type-options
nosniff
age
60101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32900
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:09:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:33:29 GMT
sdk.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9791354126b556cf9cafe3eec7fedd38
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50d2045c7de866b8866f2b914f184ca889f8d305d8a53d664428f36e94a546d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.leshastudios.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
oUzfWFkutFSk5lszAau44w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 10 Feb 2023 10:21:07 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82098
x-fb-rlafr
0
x-fb-debug
BV4ERRph8XDa1xqXiKDSIvfg9trLWRPWSNPM6bYxdWDSe86bCwpq9yJBVSQDTH6lxhR17ch1Tvayt4v+TP4yxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4715cbaa7bc1db7bf19a41cc33058f8a
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 12:15:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1f9cafb33f951a1e75258fb7c21d8a07"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
Garamond.woff
www.leshastudios.com/bluadmin/blufonts/Garamond/ 		296 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/bluadmin/blufonts/Garamond/Garamond.woff
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
420e248aa782dc54e35196d3991d80184acc59ed4bbe7e27a15a2514fe6e449c

Request headers

Referer
https://www.leshastudios.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 12:15:10 GMT
content-encoding
gzip
server
Apache/2
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
49060
expires
Thu, 19 Nov 1981 08:52:00 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v16/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:33:29 GMT
x-content-type-options
nosniff
age
60101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29492
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:33:29 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143850601-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2416
date
Thu, 10 Feb 2022 11:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 10 Feb 2022 13:34:54 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=565731908&t=pageview&_s=1&dl=https%3A%2F%2Fwww.leshastudios.com%2F&ul=en-us&de=UTF-8&dt=Lesha%20Studios%20-%20Turning%20Life%20Moments%20into%20Art%20-%20Welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=312315468&gjid=924092168&cid=404228131.1644495311&tid=UA-143850601-1&_gid=463981650.1644495311&_r=1&gtm=2ou290&z=547056526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leshastudios.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 12:15:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leshastudios.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
www.leshastudios.com/blu_source/includes/fa/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/includes/fa/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://www.leshastudios.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:11 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:43:14 GMT
server
Apache/2
etag
"10440-550c15684b080-gzip"
vary
Accept-Encoding,User-Agent
cache-control
max-age=2592000
accept-ranges
bytes
expires
Sat, 12 Mar 2022 12:15:11 GMT
glyphicons-halflings-regular.woff2
www.leshastudios.com/blu_source/includes/bootstrap/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/blu_source/includes/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://www.leshastudios.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:11 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:43:08 GMT
server
Apache/2
etag
"466c-550c156292300-gzip"
vary
Accept-Encoding,User-Agent
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18030
expires
Sat, 12 Mar 2022 12:15:11 GMT
MontserratLight.woff
www.leshastudios.com/bluadmin/blufonts/MontserratLight/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/bluadmin/blufonts/MontserratLight/MontserratLight.woff
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
a00d5ca1d283393ea139e60dc8aa3354d848d216ee2ab2c3d6d31deca59bc8de

Request headers

Referer
https://www.leshastudios.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:11 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:44:27 GMT
server
Apache/2
etag
"5fc4-550c15ade94c0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-font-woff
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24473
expires
Sat, 12 Mar 2022 12:15:11 GMT
LS_Brown1001.jpg
www.leshastudios.com/v1site_images/slideshow/gallery1/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.leshastudios.com/v1site_images/slideshow/gallery1/LS_Brown1001.jpg
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
11bcfd4a7e47a3f64eb885321242276194565c0029c0ea60becb0648c0d7cf84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leshastudios.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:11 GMT
last-modified
Thu, 01 Jun 2017 18:18:29 GMT
server
Apache/2
etag
"170298-550ea1043c740"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1507992
expires
Sat, 12 Mar 2022 12:15:11 GMT
/
www.facebook.com/login/ Frame 428A
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=878036858873298&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df277...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df277ec3ff9bad58%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9791354126b556cf9cafe3eec7fedd38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
oX/7ZWiQam6mibNIa+MhFBDvED+G8zXoo71tXU12/trTN4kdo0eBgiFr0ZxPzzSaAKrxivW8BRxEizGZ96qHJg==
date
Thu, 10 Feb 2022 12:15:11 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df277ec3ff9bad58%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v6.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
fR+IayAjihhvxLhsVEsH2orCiODtl5AdF8kXr9lzNnC1UK7VwJjBUy6o4s/AZixuyGXlTyMjKpLgG59et1XBlA==
content-length
0
date
Thu, 10 Feb 2022 12:15:11 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
/
www.facebook.com/login/ Frame 11EB
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=878036858873298&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1af...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1af3d7a86c5c3%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9791354126b556cf9cafe3eec7fedd38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Mrbrh2D/w+HgXDKWJ0PxXZNxneWdOsv/eA51+xRubt3t8yWZBywD1FNxMMDCsVHBFCjPEC12CLO1LkwapKWmAQ==
date
Thu, 10 Feb 2022 12:15:11 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D878036858873298%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1af3d7a86c5c3%2526domain%253Dwww.leshastudios.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.leshastudios.com%25252Ff15ab831d21128c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLeshaStudios%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v6.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
fjTdaKD4QySBwEMgg7FLz70eo4hY1gccTnCu5QDZ7ft/lGIO5HkLpIFD51QhJ0U/uZa6V91QuPgHeHMToyNyyg==
content-length
0
date
Thu, 10 Feb 2022 12:15:11 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
Garamond.ttf
www.leshastudios.com/bluadmin/blufonts/Garamond/ 		70 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leshastudios.com/bluadmin/blufonts/Garamond/Garamond.ttf
Requested by
Host: www.leshastudios.com
URL: https://www.leshastudios.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.152.183.20 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
daserver.bludomain3.com
Software
Apache/2 /
Resource Hash
1c41c7be6cf0c4e6baa53c9b38e2ff90114ee5524785331ce3ae90fe1f5eb365

Request headers

Referer
https://www.leshastudios.com/
Origin
https://www.leshastudios.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:15:11 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2017 17:44:17 GMT
server
Apache/2
etag
"11710-550c15a45fe40-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-font-ttf
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37235
expires
Sat, 12 Mar 2022 12:15:11 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone function| $ function| jQuery object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| gtag object| dataLayer undefined| $sub_btn function| bluCarouselInit function| bluCarouselLoadImages function| bluScaleVideo function| positionHome function| bluResizeBlog object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| mc function| $mcj object| fnames object| ftypes function| SoundManager object| soundManager object| vars object| active_page object| prev_page function| bluSetHash function| bluGetHash function| bluHashChange function| bluLoadImages function| bluScrollPage function| bluMoveCaretToStart function| bluResetForm function| bluLoadAjax function| bluPopUp function| bluPopupScale function| bluPopupClose function| bluSetEvenHeight function| bluParallaxFullscreenFix function| bluParallaxBgResize function| bluParallaxPosition function| bluIsEmpty function| bluSetThumbSize function| bluScaleThumbs function| bluResize function| bluShowTooltip function| zoomDisable function| zoomEnable function| bluPositionBlogThumbs object| jQuery11130009032512033643636 boolean| display object| $btn

6 Cookies

Domain/Path Name / Value
www.leshastudios.com/ Name: PHPSESSID
Value: mp9rl7lto68vuvkpkdhg8oouj4
.leshastudios.com/ Name: _ga
Value: GA1.2.404228131.1644495311
.leshastudios.com/ Name: _gid
Value: GA1.2.463981650.1644495311
.leshastudios.com/ Name: _gat_gtag_UA_143850601_1
Value: 1
.facebook.com/ Name: sb
Value: zwEFYlD9NLsjs08ZgIyWyrbb
.facebook.com/ Name: fr
Value: 09sHHKSgK4Jt7DNZV..BiBQHP.pP.AAA.0.0.BiBQHP.AWU8a_A4-8w

8 Console Messages

Source Level URL
Text
other warning URL: https://www.leshastudios.com/
Message:
Failed to decode downloaded font: https://www.leshastudios.com/bluadmin/blufonts/Garamond/Garamond.woff
other warning URL: https://www.leshastudios.com/
Message:
OTS parsing error: invalid sfntVersion: 1008813135
other warning URL: https://www.leshastudios.com/
Message:
Failed to decode downloaded font: https://www.leshastudios.com/bluadmin/blufonts/Garamond/Garamond.woff
other warning URL: https://www.leshastudios.com/
Message:
OTS parsing error: invalid sfntVersion: 1008813135
other warning URL: https://www.leshastudios.com/
Message:
Failed to decode downloaded font: https://www.leshastudios.com/bluadmin/blufonts/Garamond/Garamond.woff
other warning URL: https://www.leshastudios.com/
Message:
OTS parsing error: invalid sfntVersion: 1008813135
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
leshastudios.com
s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.leshastudios.com
18.64.109.90
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:82a::2008
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.216.230.53
66.152.183.20
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
11bcfd4a7e47a3f64eb885321242276194565c0029c0ea60becb0648c0d7cf84
1c41c7be6cf0c4e6baa53c9b38e2ff90114ee5524785331ce3ae90fe1f5eb365
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
420e248aa782dc54e35196d3991d80184acc59ed4bbe7e27a15a2514fe6e449c
4ac481dc26af5c688bf160f4603c1959e276e08bb8d0cb97092bedaf04a321b3
50d2045c7de866b8866f2b914f184ca889f8d305d8a53d664428f36e94a546d0
60f92713698dac677fe3b0236c3476f9c8dfa2975bc03a3cc3a7bea85b94875f
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6b1381e0378a017aa39244f545a297cbf256be371b0b03c803df804b327500a6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9
9269c2c4ddc396ba1993de1f01c73a22c429a8412e61ce16dc7dac927dca6627
9ea979abb75fb511d18f934cca5ee835da997bdef0dab61e575c8d932d0217d1
a00d5ca1d283393ea139e60dc8aa3354d848d216ee2ab2c3d6d31deca59bc8de
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
d07b45c8bd8711c050f2e5bf2878f29955fdaa278e6686ac2afb4652cc744ec5
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
eaf535340d00b4481a08b66f8f0a6f9307619595b58f5623621bc4ec0cf7f82c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995