tidesofchange.com Open in urlscan Pro
104.197.241.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tidesofchange.com/
Effective URL:
https://tidesofchange.com/
Submission Tags: @phish_report
Submission: On February 18 via api (February 18th 2024, 3:24:50 pm UTC) from FI — Scanned from FI

Summary HTTP 28 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 104.197.241.213, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is tidesofchange.com.
TLS certificate: Issued by R3 on December 12th 2023. Valid for: 3 months.

This is the only time tidesofchange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	104.197.241.213 104.197.241.213	15169 (GOOGLE) (GOOGLE)
2	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	162.159.137.54 162.159.137.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
28	5

19 104.197.241.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.241.197.104.bc.googleusercontent.com

tidesofchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.137.54 (None, )

ASN13335 (CLOUDFLARENET, US)

themenectar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	tidesofchange.com 1 redirects tidesofchange.com	859 KB
7	gstatic.com fonts.gstatic.com	160 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
1	themenectar.com themenectar.com — Cisco Umbrella Rank: 731783	5 KB
28	4

	Domain	Requested by
19	tidesofchange.com	1 redirects tidesofchange.com
7	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	tidesofchange.com
1	themenectar.com	tidesofchange.com
28	4

This site contains links to these domains. Also see Links.

Domain
tidesofchange.hubspotpagebuilder.com
meetings.hubspot.com
www.instagram.com
www.facebook.com
www.linkedin.com
www.uncommon.nz
sarahclaytonphotography.com

Subject Issuer	Validity	Valid
tidesofchange.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
themenectar.com Cloudflare Inc ECC CA-3	`2023-05-09` - `2024-05-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tidesofchange.com/
Frame ID: AC0791B9194424F1BC15CE6A2A25174D
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Life Coach | Tides of Change | Home

Page URL History Show full URLs

http://tidesofchange.com/ HTTP 301
https://tidesofchange.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1026 kB
Transfer

5701 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://tidesofchange.hubspotpagebuilder.com/5-steps-to-more-time-free-guide-by-tides-of-change
Title: WANT MORE TIME, SLEEP & ENERGY? DOWNLOAD OUR FREE 5 STEPS TO MORE TIME GUIDE!

Search URL Search Domain Scan URL

URL: https://meetings.hubspot.com/contacttidesofchange
Title: Free Consultation

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tidesofchange101/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sarahtidesofchange/
Title: FaceBook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sarahlinton2017/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.uncommon.nz/
Title: An Uncommon Web Design

Search URL Search Domain Scan URL

URL: https://sarahclaytonphotography.com/
Title: Photo Artistry By Sarah Clayton

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tidesofchange.com/ HTTP 301
https://tidesofchange.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tidesofchange.com/
Redirect Chain

http://tidesofchange.com/
https://tidesofchange.com/

252 KB
35 KB

1055ms
467ms

Document
text/html

104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: f5659c2c1cc2f43b381e691b5431cbfcdb52df807f67e7d86313b57b1a846c01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 18 Feb 2024 15:24:42 GMT
link: <https://tidesofchange.com/wp-json/>; rel="https://api.w.org/" <https://tidesofchange.com/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json" <https://tidesofchange.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 18 Feb 2024 15:24:41 GMT
Keep-Alive: timeout=20
Location: https://tidesofchange.com/
Server: nginx

GET
H2 200 ad7fb6a73226a99f79b77c25df86f2c7.css
tidesofchange.com/wp-content/cache/min/1/ 823 KB
119 KB 805ms
804ms Stylesheet
text/css 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/cache/min/1/ad7fb6a73226a99f79b77c25df86f2c7.css
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 74584e41c2dd26db4df68d77addfffccf14a67f75da2c77ca8fa7991535d906b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:43 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 05:42:36 GMT
server: nginx
etag: W/"64e59c4c-cdbe7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 1283ms
225ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mitr%3A400%7CCormorant+Garamond%3A300%2C500%2C400%2C600italic%7CMontserrat%3A600%2C700%7CQuattrocento+Sans%3A400&subset=latin&ver=6.4.3

Requested by

Host: tidesofchange.com
URL: https://tidesofchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

080f0f893511e7f3d22b703d161a28915ebb1829b1c4b7ddc53dc86ebb70caa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 15:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 15:24:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 15:24:44 GMT

GET
H2 200 imageedit_10_8278625680-1.png
tidesofchange.com/wp-content/uploads/2020/07/ 3 KB
3 KB 248ms
245ms Image
image/png 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2020/07/imageedit_10_8278625680-1.png
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa6b2e5c20e4297b0e01e0250a743f96f1a29e6cf4529db62e6ac93e0d3ba28c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:43 GMT
last-modified: Mon, 27 Sep 2021 14:39:02 GMT
server: nginx
etag: "6151d786-ba8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2984

GET
H2 200 scroll-down-light.png
themenectar.com/img/demo-media/spinners/ 5 KB
5 KB 314ms
105ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themenectar.com/img/demo-media/spinners/scroll-down-light.png
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab15ede429788420340bc7a8482cd8acd00a38222fd9239844e1e1609f06fc7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:43 GMT
cf-cache-status: HIT
age: 143129
cf-polished: origFmt=png, origSize=12024
content-disposition: inline; filename="scroll-down-light.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4958
last-modified: Sun, 14 Nov 2021 22:52:44 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6191933c-2ef8"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 85774756cfead967-HEL

GET
H2 200 colored-photologo-287c8e.png
tidesofchange.com/wp-content/uploads/2021/07/ 15 KB
15 KB 247ms
244ms Image
image/png 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2021/07/colored-photologo-287c8e.png
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e5eed61b1a2fd1053b0fc778b60b95aa80159b4846f0e9d64e3f85918f51b02

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:43 GMT
last-modified: Wed, 07 Jul 2021 00:55:29 GMT
server: nginx
etag: "60e4fb81-3ae3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15075

GET
H2 200 auckland-life-coach-sarah-linton-063-1.jpg
tidesofchange.com/wp-content/uploads/2021/09/ 45 KB
45 KB 241ms
240ms Image
image/jpeg 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2021/09/auckland-life-coach-sarah-linton-063-1.jpg
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b0a08ef9a8033b17bf7ac5c175072e4832ba256706389eb37beabbd3f94feed

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Mon, 27 Sep 2021 10:09:37 GMT
server: nginx
etag: "61519861-b2e2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45794

GET
H2 200 auckland-life-coach-sarah-linton-072.jpg
tidesofchange.com/wp-content/uploads/2021/09/ 165 KB
165 KB 346ms
346ms Image
image/jpeg 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2021/09/auckland-life-coach-sarah-linton-072.jpg
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 42d9c6f9e20c1bb3e768bbd3ddf7f151dbc60956c5282c00da215e14f79e9791

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Mon, 27 Sep 2021 09:59:52 GMT
server: nginx
etag: "61519618-2930d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 168717

GET
H2 200 auckland-life-coach-sarah-linton-057.jpg
tidesofchange.com/wp-content/uploads/2021/09/ 59 KB
59 KB 514ms
514ms Image
image/jpeg 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2021/09/auckland-life-coach-sarah-linton-057.jpg
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0863adef1ad32d83293a4f98ee4b92e274ca96a8ee15185ab6764b7694b39b82

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Mon, 27 Sep 2021 09:57:23 GMT
server: nginx
etag: "61519583-ebfb"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 60411

GET
H2 200 cropped-imageedit_8_6856650812.png
tidesofchange.com/wp-content/uploads/2020/06/ 25 KB
25 KB 515ms
514ms Image
image/png 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2020/06/cropped-imageedit_8_6856650812.png
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2ce5f8a7456af5098f8ab0c5818ee2b2c0f7e9d4463d200a6704f867914f53d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Mon, 27 Sep 2021 15:24:02 GMT
server: nginx
etag: "6151e212-64de"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25822

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff2a558cce25d933e635503d849e1968025f3d50233b49eab1722fd67cef6eec

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 700332060df1a0a9fb0bc0f883116cd2c0cbce4404ee116c0c0901a70ca4e3d1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7af53336de2a5fa363e3b3f64be62e865eb8b326c299436d2fcc3214087e1a0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44a7ac1a3dbe2e3ad7320d8da302f21d8cf4b28e4b87515e2392123949871594

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 imageedit_10_8278625680.png
tidesofchange.com/wp-content/uploads/2020/06/ 25 KB
25 KB 515ms
514ms Image
image/png 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2020/06/imageedit_10_8278625680.png
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: adcbac4fa54a20ed1270d3af1d110696595636dc98882e55bc4b1cbcab746b20

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Mon, 27 Sep 2021 15:20:41 GMT
server: nginx
etag: "6151e149-6394"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25492

GET
H2 200 Sarah-TOC-Brand-Logos-1-2048x2048.png
tidesofchange.com/wp-content/uploads/2021/09/ 121 KB
122 KB 515ms
515ms Image
image/png 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2021/09/Sarah-TOC-Brand-Logos-1-2048x2048.png
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bb088294a151b6dc02d2d076a70d1d9ab733691c099c0b05ae3f05b35a33531d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Mon, 27 Sep 2021 09:06:42 GMT
server: nginx
etag: "615189a2-1e5f8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 124408

GET
H2 206 Pexels-Videos-1409899-1-1.mp4
tidesofchange.com/wp-content/uploads/2020/08/ 0
0 515ms
515ms Media
video/mp4 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/uploads/2020/08/Pexels-Videos-1409899-1-1.mp4
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://tidesofchange.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Sun, 09 Aug 2020 23:15:30 GMT
server: nginx
etag: "5f308392-3d8be3"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-4033506/4033507
cache-control: public, max-age=31536000
Content-Length: 4033507

GET
H2 206 Pexels-Videos-1409899-1-1.mp4
tidesofchange.com/wp-content/uploads/2020/08/ 45 KB
0 515ms
515ms Media
video/mp4 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/uploads/2020/08/Pexels-Videos-1409899-1-1.mp4
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://tidesofchange.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Sun, 09 Aug 2020 23:15:30 GMT
server: nginx
etag: "5f308392-3d8be3"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-4033506/4033507
cache-control: public, max-age=31536000
Content-Length: 4033507

GET
H2 200 css
fonts.googleapis.com/ 3 KB
990 B 386ms
157ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&ver=6.13.1

Requested by

Host: tidesofchange.com
URL: https://tidesofchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 15:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 14:12:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 15:24:44 GMT

GET
H2 200 lazyload.min.js Show response
tidesofchange.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 296ms
295ms Script
application/javascript 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:45 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 00:57:47 GMT
server: nginx
etag: W/"652ddc0b-22bc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
fonts.gstatic.com/s/quattrocentosans/v18/ 24 KB
24 KB 910ms
342ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mitr%3A400%7CCormorant+Garamond%3A300%2C500%2C400%2C600italic%7CMontserrat%3A600%2C700%7CQuattrocento+Sans%3A400&subset=latin&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:13 GMT
x-content-type-options: nosniff
age: 455311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24320
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:56:13 GMT

GET
H2 200 pxiLypw5ucZF-Tw4MQ.woff2
fonts.gstatic.com/s/mitr/v11/ 22 KB
22 KB 862ms
294ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Tw4MQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

329c63d1e60592a56dbb383ce4d1281d543cd7615ecaa0db98ffb5ef154ef2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 15:28:21 GMT
x-content-type-options: nosniff
age: 172583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22228
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 15:28:21 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 776ms
208ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 463412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 06:41:12 GMT

GET
H2 200 co3YmX5slCNuHLi8bLeY9MK7whWMhyjQAllfvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 19 KB
19 KB 951ms
383ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQAllfvg-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

719eedba4ef25d38763e12efef4f1f8b8c8f4476ea379806decba7b5c2bd83b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:11:47 GMT
x-content-type-options: nosniff
age: 457977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:15:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:11:47 GMT

GET
H2 200 co3WmX5slCNuHLi8bLeY9MK7whWMhyjYrEOXvT-KzhM.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 21 KB
21 KB 1001ms
433ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3WmX5slCNuHLi8bLeY9MK7whWMhyjYrEOXvT-KzhM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

5a1cf344eb88eb7917d82c055c5389eb1bfc2420803497cbc8a0ed4d82c14fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:09:49 GMT
x-content-type-options: nosniff
age: 386095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21652
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:14:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 04:09:49 GMT

GET
H2 200 co3YmX5slCNuHLi8bLeY9MK7whWMhyjQWlhfvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 20 KB
21 KB 1017ms
450ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQWlhfvg-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

991c8aba7707066e8d0f351d53a4eedee3b5f00d1db335d9a2ee39903b4b0c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 19:11:19 GMT
x-content-type-options: nosniff
age: 245605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20940
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:17:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 19:11:19 GMT

GET
H2 200 icomoon.woff
tidesofchange.com/wp-content/themes/salient/css/fonts/ 21 KB
22 KB 480ms
479ms Font
font/woff 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/themes/salient/css/fonts/icomoon.woff?v=1.4
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/wp-content/cache/min/1/ad7fb6a73226a99f79b77c25df86f2c7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 253da3174fd517b8b572319807f488b09d2d8c73f0a654361b493fd6b72cc3b1

Request headers

Referer: https://tidesofchange.com/wp-content/cache/min/1/ad7fb6a73226a99f79b77c25df86f2c7.css
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Tue, 17 Oct 2023 00:55:20 GMT
server: nginx
etag: "652ddb78-5598"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21912

GET
H2 200 fontawesome-webfont.woff
tidesofchange.com/wp-content/themes/salient/css/fonts/ 96 KB
96 KB 480ms
480ms Font
font/woff 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/wp-content/cache/min/1/ad7fb6a73226a99f79b77c25df86f2c7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://tidesofchange.com/wp-content/cache/min/1/ad7fb6a73226a99f79b77c25df86f2c7.css
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:44 GMT
last-modified: Tue, 17 Oct 2023 00:55:20 GMT
server: nginx
etag: "652ddb78-17ee8"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 98024

GET
H2 200 co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 20 KB
20 KB 949ms
397ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tidesofchange.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 05:07:10 GMT
x-content-type-options: nosniff
age: 382654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20648
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:18:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 05:07:10 GMT

GET
H2 206 Pexels-Videos-1409899-1-1.mp4
tidesofchange.com/wp-content/uploads/2020/08/ 35 KB
35 KB 301ms
300ms Media
video/mp4 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/uploads/2020/08/Pexels-Videos-1409899-1-1.mp4
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 06a841ec22f8c70281cd823432b9364f76f59c05b52d53660c93df4ca45a690f

Request headers

Referer: https://tidesofchange.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=3997696-

Response headers

date: Sun, 18 Feb 2024 15:24:45 GMT
last-modified: Sun, 09 Aug 2020 23:15:30 GMT
server: nginx
etag: "5f308392-3d8be3"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 3997696-4033506/4033507
cache-control: public, max-age=31536000
Content-Length: 35811

GET
H2 206 Pexels-Videos-1409899-1-1.mp4
tidesofchange.com/wp-content/uploads/2020/08/ 4 MB
0 253ms
252ms Media
video/mp4 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tidesofchange.com/wp-content/uploads/2020/08/Pexels-Videos-1409899-1-1.mp4
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://tidesofchange.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=32768-

Response headers

date: Sun, 18 Feb 2024 15:24:45 GMT
last-modified: Sun, 09 Aug 2020 23:15:30 GMT
server: nginx
etag: "5f308392-3d8be3"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-4033506/4033507
cache-control: public, max-age=31536000
Content-Length: 4000739

GET
H2 200 auckland-life-coach-sarah-linton-215.jpg
tidesofchange.com/wp-content/uploads/2021/09/ 88 KB
88 KB 484ms
483ms Image
image/jpeg 104.197.241.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidesofchange.com/wp-content/uploads/2021/09/auckland-life-coach-sarah-linton-215.jpg
Requested by: Host: tidesofchange.com
URL: https://tidesofchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.241.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.241.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e71d47b6e34d4e93859970ecdf293554e21c1f7aeacc51ed97379a4db990e042

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tidesofchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:24:45 GMT
last-modified: Mon, 27 Sep 2021 11:23:22 GMT
server: nginx
etag: "6151a9aa-15e94"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 89748

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.themenectar.com/	1970-01-20 18:31:11	Name: __cf_bm Value: EfEHroMQ6YXlXKIT8V95YND7QFIhPQHCU_NssCrbEZQ-1708269883-1.0-AUlof8H1pJlzvWEOTKHmvhuM67yQzkvNGrhXWII0pNGVI0lOE9NnLF+tXOpHArEf5RpOKoxUr7wv/KR81aOax+M=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tidesofchange.com/(Line 1633) Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
themenectar.com
tidesofchange.com
104.197.241.213
142.250.184.227
142.250.186.106
162.159.137.54
06a841ec22f8c70281cd823432b9364f76f59c05b52d53660c93df4ca45a690f
080f0f893511e7f3d22b703d161a28915ebb1829b1c4b7ddc53dc86ebb70caa1
0863adef1ad32d83293a4f98ee4b92e274ca96a8ee15185ab6764b7694b39b82
0b0a08ef9a8033b17bf7ac5c175072e4832ba256706389eb37beabbd3f94feed
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
253da3174fd517b8b572319807f488b09d2d8c73f0a654361b493fd6b72cc3b1
329c63d1e60592a56dbb383ce4d1281d543cd7615ecaa0db98ffb5ef154ef2c8
3e5eed61b1a2fd1053b0fc778b60b95aa80159b4846f0e9d64e3f85918f51b02
42d9c6f9e20c1bb3e768bbd3ddf7f151dbc60956c5282c00da215e14f79e9791
44a7ac1a3dbe2e3ad7320d8da302f21d8cf4b28e4b87515e2392123949871594
5a1cf344eb88eb7917d82c055c5389eb1bfc2420803497cbc8a0ed4d82c14fc4
700332060df1a0a9fb0bc0f883116cd2c0cbce4404ee116c0c0901a70ca4e3d1
719eedba4ef25d38763e12efef4f1f8b8c8f4476ea379806decba7b5c2bd83b8
74584e41c2dd26db4df68d77addfffccf14a67f75da2c77ca8fa7991535d906b
86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
991c8aba7707066e8d0f351d53a4eedee3b5f00d1db335d9a2ee39903b4b0c8c
a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf
adcbac4fa54a20ed1270d3af1d110696595636dc98882e55bc4b1cbcab746b20
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb088294a151b6dc02d2d076a70d1d9ab733691c099c0b05ae3f05b35a33531d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c2ce5f8a7456af5098f8ab0c5818ee2b2c0f7e9d4463d200a6704f867914f53d
e71d47b6e34d4e93859970ecdf293554e21c1f7aeacc51ed97379a4db990e042
e7af53336de2a5fa363e3b3f64be62e865eb8b326c299436d2fcc3214087e1a0
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5659c2c1cc2f43b381e691b5431cbfcdb52df807f67e7d86313b57b1a846c01
fa6b2e5c20e4297b0e01e0250a743f96f1a29e6cf4529db62e6ac93e0d3ba28c
fab15ede429788420340bc7a8482cd8acd00a38222fd9239844e1e1609f06fc7
ff2a558cce25d933e635503d849e1968025f3d50233b49eab1722fd67cef6eec

tidesofchange.com Open in urlscan Pro 104.197.241.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

1026 kBTransfer

5701 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tidesofchange.com Open in urlscan Pro
104.197.241.213 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1026 kB
Transfer

5701 kB
Size

1
Cookies

28 HTTP transactions
4 data transactions