marshlight.ca Open in urlscan Pro
23.180.104.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://marshlight.ca/
Submission: On November 22 via api (November 22nd 2024, 6:55:54 pm UTC) from BE — Scanned from CA

Summary HTTP 61 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 61 HTTP transactions. The main IP is 23.180.104.34, located in and belongs to STORMWEB, CA. The main domain is marshlight.ca.
TLS certificate: Issued by R11 on October 23rd 2024. Valid for: 3 months.

This is the only time marshlight.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	23.180.104.34 23.180.104.34	14807 (STORMWEB) (STORMWEB)
5	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	104.21.89.113 104.21.89.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
3	142.251.163.105 142.251.163.105	15169 (GOOGLE) (GOOGLE)
1	142.251.163.106 142.251.163.106	15169 (GOOGLE) (GOOGLE)
1	104.21.57.240 104.21.57.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
61	9

42 23.180.104.34 (None, )

ASN14807 (STORMWEB, CA)
PTR: da2.van1.stormweb.net

marshlight.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.89.113 (None, )

ASN13335 (CLOUDFLARENET, US)

eocampaign1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.57.240 (None, )

ASN13335 (CLOUDFLARENET, US)

gallery.eo.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	marshlight.ca marshlight.ca	982 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	427 KB
5	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	169 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	1016 B
1	eo.page gallery.eo.page — Cisco Umbrella Rank: 215049	2 KB
1	eocampaign1.com eocampaign1.com — Cisco Umbrella Rank: 159576	35 KB
61	6

	Domain	Requested by
42	marshlight.ca	marshlight.ca
5	fonts.gstatic.com	marshlight.ca
5	js.stripe.com	marshlight.ca js.stripe.com
4	www.google.com	marshlight.ca eocampaign1.com www.gstatic.com
1	www.gstatic.com	www.google.com
1	gallery.eo.page	marshlight.ca
1	eocampaign1.com	marshlight.ca
61	7

This site contains links to these domains. Also see Links.

Domain
emailoctopus.com
www.facebook.com
instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
marshlight.ca R11	`2024-10-23` - `2025-01-21`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
eocampaign1.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
eo.page WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://marshlight.ca/
Frame ID: 17348C25EF8A59472564E1F7DBD66F2B
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v3/buy-button-app-5923fcb7a5940a3fc36582faa0f0e218679b5cf7.html
Frame ID: 9FCF27D494BD89FE49CD325ED3DA12F5
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-9655d854880904a42abc9c6cb1db7e4c.html
Frame ID: 7978EC8E7AA4D56CBC7FE0C2BB654A7D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2777.072359765441!2d-64.38246828710226!3d45.8898658709635!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x4b5f519facf409ff%3A0x13766d81be7411f9!2sMarshlight%20Theatre%20Company!5e0!3m2!1sen!2sca!4v1728144704288!5m2!1sen!2sca
Frame ID: C291CEF98795651DC0DDC2B83263D585
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly9tYXJzaGxpZ2h0LmNhOjQ0Mw..&hl=en&type=image&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=invisible&cb=cnq4mndoyskm
Frame ID: CB30E6F26E059817FD4F14A2DD6E7FBE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
Frame ID: 26A9F079509CB6F047E686BFB1992AF1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 9B21FD0B48736742DC4762110591DFB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marshlight | Theatre Company

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

61
Requests

97 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

9
IPs

2
Countries

1616 kB
Transfer

3557 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://emailoctopus.com/?utm_source=powered_by_form&utm_medium=user_referral
Title: EmailOctopus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=61559715684057
Title: Follow

Search URL Search Domain Scan URL

URL: http://instagram.com/marshlight.ca
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCw_9TYyNZhzB-GV105-tKuQ
Title: Follow

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
marshlight.ca/ 245 KB
39 KB 2532ms
1892ms Document
text/html 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 0cf24fec3d459773108c3e6d76904a5ce28b6971ba96d3a95c5eb5bbcb58473b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 39808
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 18:55:42 GMT
link: <https://marshlight.ca/wp-json/>; rel="https://api.w.org/", <https://marshlight.ca/wp-json/wp/v2/pages/2397>; rel="alternate"; title="JSON"; type="application/json", <https://marshlight.ca/>; rel=shortlink
server: Apache/2
vary: Accept-Encoding,User-Agent

GET
H2 200 stripe.css
marshlight.ca/wp-content/plugins/my-tickets-stripe/css/ 1 KB
665 B 87ms
82ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-tickets-stripe/css/stripe.css?ver=1.4.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 6334d73beacbf6ea26dee5853329a3a53fb53052f06cf445e39fdb76f4be0744

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "52b-621291fc3ddbc-gzip"
accept-ranges: bytes
content-length: 553
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Mon, 02 Sep 2024 20:52:50 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 dashicons.min.css
marshlight.ca/wp-includes/css/ 58 KB
35 KB 93ms
88ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/css/dashicons.min.css?ver=6.7.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "e688-5bcb129ea2f80-gzip"
accept-ranges: bytes
content-length: 35730
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Thu, 04 Mar 2021 07:46:22 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 mt-cart.css
marshlight.ca/wp-content/plugins/my-tickets/css/ 10 KB
3 KB 88ms
84ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-tickets/css/mt-cart.css?ver=2.0.8
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 5db084106a4b9045100ac59ab2abdcda72f84e330227aa6cdfff1dc565dcd262

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "266d-626da25ec7da9-gzip"
accept-ranges: bytes
content-length: 2603
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Thu, 14 Nov 2024 07:10:41 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 et-divi-dynamic-2397-late.css
marshlight.ca/wp-content/et-cache/2397/ 16 KB
1 KB 88ms
84ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/et-cache/2397/et-divi-dynamic-2397-late.css?ver=1731269800
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 3208b4b1e486296a399984bc45ceb0df6013f7c9103c383c39be2db7cac9a491

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "4184-62694a9737035-gzip"
accept-ranges: bytes
content-length: 1419
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 20:16:40 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 reset.css
marshlight.ca/wp-content/plugins/my-calendar/css/ 32 KB
6 KB 90ms
86ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-calendar/css/reset.css?ver=3.5.20
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: ec2db71286caa958f627f8ee07f2d4703ec4c78492b67e3deb19b4127ce58c57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "7e8a-6277b09281e9c-gzip"
accept-ranges: bytes
content-length: 6433
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Fri, 22 Nov 2024 07:07:28 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 my-calendar.css
marshlight.ca/wp-content/plugins/my-calendar/styles/ 6 KB
1 KB 89ms
85ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-calendar/styles/my-calendar.css?ver=3.5.20-my-calendar-css
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 653d825aa6c5b0cae2d39c389b51068adfa21f534e75f573c72b43022b0a4ff9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "16d3-6277b098305c0-gzip"
accept-ranges: bytes
content-length: 1247
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Fri, 22 Nov 2024 07:07:34 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 jquery.min.js Show response
marshlight.ca/wp-includes/js/jquery/ 86 KB
30 KB 168ms
165ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "15601-61752543108cb-gzip"
accept-ranges: bytes
content-length: 30368
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Tue, 30 Apr 2024 15:50:27 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
marshlight.ca/wp-includes/js/jquery/ 13 KB
5 KB 89ms
86ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "3509-61752542b7ecd-gzip"
accept-ranges: bytes
content-length: 4872
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Tue, 30 Apr 2024 15:50:27 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 / Show response
js.stripe.com/v3/ 690 KB
166 KB 75ms
21ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=6.7.1

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e37d1ada1b107267503c1f4182943e7a8c50e5a9e2a5302fee22edeb2b5842e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

x-request-id: ec50e1a1-54ff-4265-a903-5c1f8bae4d41
content-encoding: br
etag: "a6cd31928b42950674c203321faa574e"
age: 19
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 22 Nov 2024 18:55:48 GMT
last-modified: Fri, 22 Nov 2024 18:27:48 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-yyz4574-YYZ
x-cache-hits: 2
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 169107
server: Fastly

GET
H2 200 waitinglist.js Show response
marshlight.ca/wp-content/plugins/my-tickets-waiting-list/js/ 3 KB
978 B 86ms
85ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-tickets-waiting-list/js/waitinglist.js?ver=1.1.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 96e9fcf19bb819a36b115e9f58eaefdd3c4fd720b9f8158218d74a8eec8e2fad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "b07-621291fe9ec15-gzip"
accept-ranges: bytes
content-length: 885
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Mon, 02 Sep 2024 20:52:53 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 et-core-unified-deferred-2397.min.css
marshlight.ca/wp-content/et-cache/2397/ 3 KB
835 B 85ms
83ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/et-cache/2397/et-core-unified-deferred-2397.min.css?ver=1731269800
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: a09302eba0dd133c6a5a5ca3587911c8d83daaff3860d8f4b730d3b69383e4e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "cd6-62694a9737fd5-gzip"
accept-ranges: bytes
content-length: 758
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 20:16:40 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 Marshlight_Logo_Black.gif
marshlight.ca/wp-content/uploads/2024/05/ 18 KB
18 KB 167ms
165ms Image
image/gif 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/05/Marshlight_Logo_Black.gif
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 287d2b588c87797db55f5c2b4d29f02ef61cc8f63565157babb6f15a6f50d3f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 18690
etag: "4902-617e49611acda"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Tue, 07 May 2024 22:19:57 GMT
content-type: image/gif
server: Apache/2

GET
H2 200 mainSlider_ReturnofGrace2.jpg
marshlight.ca/wp-content/uploads/2024/10/ 177 KB
177 KB 98ms
97ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/10/mainSlider_ReturnofGrace2.jpg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 2b9ba3e2b1b133e182d23e17282d3e7582d3e2d693167b3e1d86545fe091c479

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 181416
etag: "2c4a8-623d40eb99a3e"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 06 Oct 2024 19:39:07 GMT
content-type: image/jpeg
server: Apache/2

GET
H2 200 b7df93ce-6e3d-11ef-b9db-11aa65f4d76b.js Show response
eocampaign1.com/form/ 220 KB
35 KB 671ms
609ms Script
text/javascript 104.21.89.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eocampaign1.com/form/b7df93ce-6e3d-11ef-b9db-11aa65f4d76b.js

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.89.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063217868d5c4c54040dbacb94a6d2e9f0a4b9fcca0eeb620e872a194a2348b5

Security Headers

Name	Value
Content-Security-Policy	default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-uUCZPT6fA9QnXbeIcq77Ve1fzV4=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKlf9Av4gpMs7ytazPnS3jQZsmeqd%2F4fRxNtDMaY6BDWMhqn%2B3enSVYJkDqq%2B%2Fri3a2RBatwCO5zntEwXOYKrx1tK08%2BBVPFs3OhzxWQqwjNMHArCH1GylIeZg%2Fw%2FxSrZTk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18958&sent=10&recv=12&lost=0&retrans=1&sent_bytes=4014&recv_bytes=2192&delivery_rate=204411&cwnd=247&unsent_bytes=0&cid=4fb7fafa3e0830ea&ts=628&x=0"
date: Fri, 22 Nov 2024 18:55:49 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
reporting-endpoints: main-endpoint="https://eocampaign1.com/csp-report"
content-security-policy: default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-uUCZPT6fA9QnXbeIcq77Ve1fzV4=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e6b22c9cb14aaba-YYZ
permissions-policy: camera=(), display-capture=(), geolocation=(), microphone=()
server: cloudflare

GET
H2 200 buy-button.js Show response
js.stripe.com/v3/ 10 KB
3 KB 25ms
22ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/buy-button.js

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b89d32be4426c03c88bae98488dc4d1bf5ae0ff5bcad8469f007d2dfb3e30fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

x-request-id: 6e53699c-4d21-49b5-a109-31efee318198
content-encoding: br
etag: "d47a6ef414d0d48ab2ab010056fe95e8"
age: 29
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 22 Nov 2024 18:55:48 GMT
last-modified: Fri, 22 Nov 2024 18:05:50 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-yyz4574-YYZ
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3171
server: Fastly

GET
H2 200 mediaelementplayer-legacy.min.css
marshlight.ca/wp-includes/js/mediaelement/ 11 KB
3 KB 181ms
181ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "2bf8-5b07dbdd7f280-gzip"
accept-ranges: bytes
content-length: 2592
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 wp-mediaelement.min.css
marshlight.ca/wp-includes/js/mediaelement/ 4 KB
1 KB 82ms
81ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.7.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "105a-58ac9de0ce580-gzip"
accept-ranges: bytes
content-length: 1156
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 stripe.js Show response
marshlight.ca/wp-content/plugins/my-tickets-stripe/js/ 4 KB
1 KB 89ms
84ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-tickets-stripe/js/stripe.js?ver=1.4.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 73a78a870fd12f982ae4f1d2c8e286ebeae8618e33d125a70eea32afb4d65907

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "11d3-621291fc3e1a4-gzip"
accept-ranges: bytes
content-length: 1363
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Mon, 02 Sep 2024 20:52:50 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 dom-ready.min.js Show response
marshlight.ca/wp-includes/js/dist/ 457 B
396 B 91ms
86ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "1c9-6175254204b92-gzip"
accept-ranges: bytes
content-length: 320
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Tue, 30 Apr 2024 15:50:26 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 hooks.min.js Show response
marshlight.ca/wp-includes/js/dist/ 5 KB
2 KB 88ms
83ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "12a8-6234f3ce086c0-gzip"
accept-ranges: bytes
content-length: 1648
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Mon, 30 Sep 2024 05:11:31 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 i18n.min.js Show response
marshlight.ca/wp-includes/js/dist/ 9 KB
4 KB 91ms
86ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "23b5-6175253e78bfe-gzip"
accept-ranges: bytes
content-length: 3667
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Tue, 30 Apr 2024 15:50:22 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 a11y.min.js Show response
marshlight.ca/wp-includes/js/dist/ 2 KB
1 KB 89ms
85ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/dist/a11y.min.js?ver=3156534cc54473497e14
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: cf1aa9163953fb477fe5cf452229042578738fa9e600c6ef64c47e4635ba78c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "936-6228355c073c0-gzip"
accept-ranges: bytes
content-length: 956
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Fri, 20 Sep 2024 01:55:35 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 jquery.public.min.js Show response
marshlight.ca/wp-content/plugins/my-tickets/js/ 7 KB
3 KB 171ms
167ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-tickets/js/jquery.public.min.js?ver=2.0.8
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 49802cce2e9833a5fb8f096e25f724ed2aedf824e9a07e03a1e7a97c16ab6558

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "1d6c-626da25ec9519-gzip"
accept-ranges: bytes
content-length: 2669
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Thu, 14 Nov 2024 07:10:41 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 scripts.min.js Show response
marshlight.ca/wp-content/themes/Divi/js/ 268 KB
69 KB 176ms
171ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.3
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: ad97778077e648e9c0adbd33005dd7d89fc0313a9b6caef7bf29ed253af8a312

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "42f9f-62689a25a0a11-gzip"
accept-ranges: bytes
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 07:07:16 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 jquery.fitvids.js Show response
marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
1 KB 173ms
168ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.3
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "d15-62689a4a9ec45-gzip"
accept-ranges: bytes
content-length: 1341
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 07:07:55 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 magnific-popup.js Show response
marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 22 KB
8 KB 175ms
171ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.27.3
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 22a7ae46aefb3325e3e2761085d7b2ea2cda8dc351cf391a62918bb09784f693

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "5700-62689a4a41413-gzip"
accept-ranges: bytes
content-length: 8337
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 07:07:54 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 easypiechart.js Show response
marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 9 KB
3 KB 173ms
169ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.27.3
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "2466-62689a4aa1356-gzip"
accept-ranges: bytes
content-length: 3118
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 07:07:55 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 salvattore.js Show response
marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
3 KB 176ms
172ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.27.3
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "217e-62689a4a9a5f4-gzip"
accept-ranges: bytes
content-length: 3412
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 07:07:55 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 common.js Show response
marshlight.ca/wp-content/themes/Divi/core/admin/js/ 1 KB
643 B 174ms
170ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.3
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "53f-62689a1dad550-gzip"
accept-ranges: bytes
content-length: 566
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 07:07:08 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 mediaelement-and-player.min.js Show response
marshlight.ca/wp-includes/js/mediaelement/ 154 KB
38 KB 177ms
173ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "26935-5ed9e766bba26-gzip"
accept-ranges: bytes
content-length: 38789
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Wed, 16 Nov 2022 23:02:10 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 mediaelement-migrate.min.js Show response
marshlight.ca/wp-includes/js/mediaelement/ 1 KB
616 B 173ms
169ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.7.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "4a7-5e2c068fa55ce-gzip"
accept-ranges: bytes
content-length: 540
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Fri, 01 Jul 2022 15:55:06 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 wp-mediaelement.min.js Show response
marshlight.ca/wp-includes/js/mediaelement/ 1 KB
615 B 171ms
167ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.7.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "453-5f85d97c45577-gzip"
accept-ranges: bytes
content-length: 538
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 02 Apr 2023 17:15:45 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 mcjs.min.js Show response
marshlight.ca/wp-content/plugins/my-calendar/js/ 9 KB
3 KB 172ms
169ms Script
application/javascript 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/plugins/my-calendar/js/mcjs.min.js?ver=3.5.20
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 8c4246a94f4e8314a1188305aae5a65b016a01406eeb1954e3185ea18c7cfb00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "2495-6277b096f8537-gzip"
accept-ranges: bytes
content-length: 2570
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Fri, 22 Nov 2024 07:07:33 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 et-divi-dynamic-2397-late.css
marshlight.ca/wp-content/et-cache/2397/ 16 KB
1 KB 242ms
242ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/et-cache/2397/et-divi-dynamic-2397-late.css
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 3208b4b1e486296a399984bc45ceb0df6013f7c9103c383c39be2db7cac9a491

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "4184-62694a9737035-gzip"
accept-ranges: bytes
content-length: 1419
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 20:16:40 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H3 200 wXKuE3kQtZQ4pF3D7-P5JeE.woff2
fonts.gstatic.com/s/arsenal/v12/ 41 KB
41 KB 153ms
105ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arsenal/v12/wXKuE3kQtZQ4pF3D7-P5JeE.woff2

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

5fa162041b7aa4eba98cb3f19427dc849077b592dc8d453b6fe5c0ca0e6d8ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://marshlight.ca
Referer: https://marshlight.ca/

Response headers

age: 441647
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 16:15:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 16:15:01 GMT
last-modified: Tue, 19 Apr 2022 18:16:43 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41584
x-xss-protection: 0
server: sffe

GET
H3 200 wXKsE3kQtZQ4pF3D513kueEKmA.woff2
fonts.gstatic.com/s/arsenal/v12/ 43 KB
43 KB 138ms
91ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arsenal/v12/wXKsE3kQtZQ4pF3D513kueEKmA.woff2

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

83d23997f674b4df7b2471e680dbbc91a827c63cc24528e54b451d861d3e299e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://marshlight.ca
Referer: https://marshlight.ca/

Response headers

age: 451685
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:27:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:27:43 GMT
last-modified: Tue, 19 Apr 2022 18:06:42 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44004
x-xss-protection: 0
server: sffe

GET
H2 200 modules.woff
marshlight.ca/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
37 KB 196ms
191ms Font
application/x-font-woff 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://marshlight.ca
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "167b4-62689a211e40a-gzip"
accept-ranges: bytes
content-length: 37328
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 10 Nov 2024 07:07:11 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/x-font-woff

GET
H3 200 wXKrE3kQtZQ4pF3D11o.woff2
fonts.gstatic.com/s/arsenal/v12/ 40 KB
40 KB 123ms
78ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arsenal/v12/wXKrE3kQtZQ4pF3D11o.woff2

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

59c21f8dcdc5cfb1880c7a58b24cf08a2d22f29b819e47a193f741e0f35f65e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://marshlight.ca
Referer: https://marshlight.ca/

Response headers

age: 447115
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 14:43:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 14:43:53 GMT
last-modified: Tue, 19 Apr 2022 18:24:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40448
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptgg87LROyAm0Kx.woff2
fonts.gstatic.com/s/anton/v25/ 46 KB
46 KB 101ms
57ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm0Kx.woff2

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

7915fc062c6ca1e9ad79d5c9f47be838e792e2a6b0e0ffd7670cbedf5f13f95e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://marshlight.ca
Referer: https://marshlight.ca/

Response headers

age: 444662
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 15:24:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 15:24:46 GMT
last-modified: Thu, 24 Aug 2023 20:21:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47056
x-xss-protection: 0
server: sffe

GET
H3 200 wXKpE3kQtZQ4pF3D513cAA.woff2
fonts.gstatic.com/s/arsenal/v12/ 42 KB
42 KB 84ms
41ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arsenal/v12/wXKpE3kQtZQ4pF3D513cAA.woff2

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

d00ab193f1aee119a3a2cf2aea045382fa8e869e9e9c0362951add96fce4c4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://marshlight.ca
Referer: https://marshlight.ca/

Response headers

age: 331476
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 22:51:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 22:51:12 GMT
last-modified: Tue, 19 Apr 2022 18:03:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42708
x-xss-protection: 0
server: sffe

GET
H2 200 postImage_grace2.jpg
marshlight.ca/wp-content/uploads/2024/10/ 105 KB
105 KB 152ms
143ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/10/postImage_grace2.jpg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: dfb78bdcd991757b6376410db83f75859ac861d5e9553d83b1481b2dc8af78ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 107472
etag: "1a3d0-623d40fb6e2ab"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sun, 06 Oct 2024 19:39:23 GMT
content-type: image/jpeg
server: Apache/2

GET
H2 200 postImage_blonde.jpg
marshlight.ca/wp-content/uploads/2024/09/ 47 KB
47 KB 197ms
189ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/09/postImage_blonde.jpg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 1b9d9e2d6c6498c741d2b1e8820a4f6587367da40e1c6a0b12ee2167e3b412d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 48258
etag: "bc82-6221b95f6ab1f"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sat, 14 Sep 2024 22:08:55 GMT
content-type: image/jpeg
server: Apache/2

GET buy-button-app-5923fcb7a5940a3fc36582faa0f0e218679b5cf7.html
js.stripe.com/v3/ Frame 9FCF 0
0

GET
H2 200 buy-button-app-5923fcb7a5940a3fc36582faa0f0e218679b5cf7.html
js.stripe.com/v3/ Frame 9FCF 0
0 55ms
21ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/buy-button-app-5923fcb7a5940a3fc36582faa0f0e218679b5cf7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/buy-button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marshlight.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2911
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=604800, stale-while-revalidate=900
content-encoding: br
content-length: 366
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 18:55:48 GMT
etag: "80d3ff81c9ef3ad02ac061e54a5bca74"
last-modified: Fri, 22 Nov 2024 18:05:50 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 97460346-8174-490a-ac8b-15c813fc3f1e
x-served-by: cache-yyz4531-YYZ

GET
H2 200 style.min.css
marshlight.ca/wp-includes/css/dist/block-library/ 112 KB
15 KB 174ms
174ms Stylesheet
text/css 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
etag: "1c012-62654cd4196c0-gzip"
accept-ranges: bytes
content-length: 15177
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Thu, 07 Nov 2024 16:05:23 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 controller-with-preconnect-9655d854880904a42abc9c6cb1db7e4c.html
js.stripe.com/v3/ Frame 7978 0
0 40ms
19ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-9655d854880904a42abc9c6cb1db7e4c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marshlight.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 22
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 403
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 18:55:48 GMT
etag: "9655d854880904a42abc9c6cb1db7e4c"
last-modified: Fri, 22 Nov 2024 18:05:50 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-content-type-options: nosniff
x-request-id: 8e00ffcb-5903-41dc-87ba-4b5f1fb1c1e3
x-served-by: cache-yyz4531-YYZ

GET
H3 200 embed
www.google.com/maps/ Frame C291 0
0 279ms
191ms Document
text/html 142.251.163.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2777.072359765441!2d-64.38246828710226!3d45.8898658709635!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x4b5f519facf409ff%3A0x13766d81be7411f9!2sMarshlight%20Theatre%20Company!5e0!3m2!1sen!2sca!4v1728144704288!5m2!1sen!2sca

Requested by

Host: marshlight.ca
URL: https://marshlight.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f105.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-SpWgiF7XD-m_eIX5x_7ckA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marshlight.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1130
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-SpWgiF7XD-m_eIX5x_7ckA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 18:55:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H2 200 postImage_glass.jpg
marshlight.ca/wp-content/uploads/2024/09/ 48 KB
48 KB 103ms
102ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/09/postImage_glass.jpg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 8a4966fe75033f2a892fc203fd97a0e92ecbf4a3a634fdac51a92ea4a25c9787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 49346
etag: "c0c2-6221b95fea238"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sat, 14 Sep 2024 22:08:56 GMT
content-type: image/jpeg
server: Apache/2

GET
H2 200 postImage_MTYC.jpg
marshlight.ca/wp-content/uploads/2024/09/ 57 KB
57 KB 101ms
101ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/09/postImage_MTYC.jpg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: b1c9205370113ae1f8e46357cebcb604041d11331e0079160f9f55f4245d2573

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 58027
etag: "e2ab-6221b960a98c6"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Sat, 14 Sep 2024 22:08:57 GMT
content-type: image/jpeg
server: Apache/2

GET
H2 200 postImage_director.jpg
marshlight.ca/wp-content/uploads/2024/09/ 57 KB
57 KB 103ms
102ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/09/postImage_director.jpg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 9f4bba48f0ee7b4b9e8561bd867ead0e9e7b8d007f45fb212ea5142073969020

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 58745
etag: "e579-6224495ed1775"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Mon, 16 Sep 2024 23:03:48 GMT
content-type: image/jpeg
server: Apache/2

GET
H2 200 postImage_newWorks.jpg
marshlight.ca/wp-content/uploads/2024/09/ 60 KB
60 KB 102ms
101ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/09/postImage_newWorks.jpg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 5ba2d56d41e1039a453fd566c75a42026a5538d6a93e43a4e1f891d1251ea943

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 61233
etag: "ef31-62244965bdb68"
date: Fri, 22 Nov 2024 18:55:44 GMT
last-modified: Mon, 16 Sep 2024 23:03:55 GMT
content-type: image/jpeg
server: Apache/2

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1016 B 138ms
57ms Script
text/javascript 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForb7df93ce6e3d11efb9db11aa65f4d76b&render=explicit

Requested by

Host: eocampaign1.com
URL: https://eocampaign1.com/form/b7df93ce-6e3d-11ef-b9db-11aa65f4d76b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

ESF /

Resource Hash

a5af55843adbaaf60fd6aba081e4093a3d15f92c6aebbf7f2fd76f71a7f1d37e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 18:55:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 22 Nov 2024 18:55:49 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 otto.svg
gallery.eo.page/tentacles/icons/v1/powered-by/ 3 KB
2 KB 95ms
31ms Image
image/svg+xml 104.21.57.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gallery.eo.page/tentacles/icons/v1/powered-by/otto.svg
Requested by: Host: marshlight.ca
URL: https://marshlight.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.57.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"72cefcb1dfdc4a35d5899af8e6f9f06c"
age: 2301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8cTFyNDA2J7rIbtrVS%2FyPBMXHx0EWWg776xsaQ0j8ap50IPOBf6CpC4NkWJ%2F7v3%2F1Yr5VAhsMSyzgh71Db2htDxTejWlK0%2BZKacIsJVTyEgP08uTw0vgQgSSXcUdi9uTi4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: A0ekDpvCvDh2fqfvOaD6gq8kRm1oYNFs1bJsPPUrrWTtFT9DElMPpw==
date: Fri, 22 Nov 2024 18:55:49 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Dec 2020 17:25:12 GMT
vary: accept-encoding
server-timing: cfL4;desc="?proto=TCP&rtt=18691&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3974&recv_bytes=2245&delivery_rate=200660&cwnd=246&unsent_bytes=0&cid=7400d29ccd7c58de&ts=40&x=0"
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 1ec8c66313134dadb350974af4c1b678.cloudfront.net (CloudFront)
cf-ray: 8e6b22ce49aaa246-YYZ
x-amz-cf-pop: YTO50-P3
server: cloudflare

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 547 KB
216 KB 90ms
44ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForb7df93ce6e3d11efb9db11aa65f4d76b&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://marshlight.ca
Referer: https://marshlight.ca/

Response headers

content-encoding: gzip
age: 7095
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 16:57:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 16:57:34 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220753
x-xss-protection: 0
server: sffe

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame CB30 0
0 64ms
64ms Document
text/html 142.251.163.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly9tYXJzaGxpZ2h0LmNhOjQ0Mw..&hl=en&type=image&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=invisible&cb=cnq4mndoyskm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uNLdcv4v0IO_Y1pfD6lP9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marshlight.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uNLdcv4v0IO_Y1pfD6lP9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 18:55:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cropped-Marshlight_Logo_Medallion-32x32.png
marshlight.ca/wp-content/uploads/2024/05/ 1 KB
1 KB 84ms
84ms Other
image/png 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://marshlight.ca/wp-content/uploads/2024/05/cropped-Marshlight_Logo_Medallion-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 0a6a1068e95533832af0047cef9784aae3f33e6a05c6cbe3f8c289e82d8a1adf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 1164
etag: "48c-617cdf3f3e5d2"
date: Fri, 22 Nov 2024 18:55:45 GMT
last-modified: Mon, 06 May 2024 19:19:48 GMT
content-type: image/png
server: Apache/2

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 26A9 0
0 72ms
71ms Document
text/html 142.251.163.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sxPwkMVM1Tiq8DmFHzgsIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marshlight.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sxPwkMVM1Tiq8DmFHzgsIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 18:55:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mainSlider_dirtyBlonde-1280x458.jpg
marshlight.ca/wp-content/uploads/2024/09/ 93 KB
93 KB 330ms
163ms Image
image/jpeg 23.180.104.34
STORMWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshlight.ca/wp-content/uploads/2024/09/mainSlider_dirtyBlonde-1280x458.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.180.104.34 -, , ASN14807 (STORMWEB, CA),
Reverse DNS: da2.van1.stormweb.net
Software: Apache/2 /
Resource Hash: 68cfeaadd6d6460cf04f2cce172a9ebdce9a467f73329a401c9bfcd12ff546f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://marshlight.ca/

Response headers

accept-ranges: bytes
content-length: 94898
etag: "172b2-621a17ca9c76b"
date: Fri, 22 Nov 2024 18:55:48 GMT
last-modified: Sun, 08 Sep 2024 20:28:45 GMT
content-type: image/jpeg
server: Apache/2

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 9B21 0
0 20ms
19ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.7.1

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marshlight.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2106471
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 18:55:53 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Mon, 28 Oct 2024 20:20:44 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 407112
x-content-type-options: nosniff
x-request-id: 30603eda-8252-4adc-b472-6707725c83b5
x-served-by: cache-yyz4521-YYZ

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.stripe.com
URL: https://js.stripe.com/v3/buy-button-app-5923fcb7a5940a3fc36582faa0f0e218679b5cf7.html

Domain: js.stripe.com
URL: https://js.stripe.com/v3/buy-button-app-5923fcb7a5940a3fc36582faa0f0e218679b5cf7.html

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-21 05:30:53	Name: _GRECAPTCHA Value: 09ANOXeZx7ZOvk92KOmD4FnnJxjMXIzOh2SceBc9t6BIVy_3NqrHX7AOoIMlJbxt-faygVz5Q1VcOSCL5h9eylIW0
			marshlight.ca/	1970-01-21 01:21:46	Name: mt_unique_id Value: 1L5iQaD7tfgUP0GqVO-kZs0oZ-FuSms1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eocampaign1.com
fonts.gstatic.com
gallery.eo.page
js.stripe.com
marshlight.ca
www.google.com
www.gstatic.com
js.stripe.com
104.21.57.240
104.21.89.113
142.251.163.105
142.251.163.106
151.101.128.176
172.253.122.94
172.253.63.94
23.180.104.34
063217868d5c4c54040dbacb94a6d2e9f0a4b9fcca0eeb620e872a194a2348b5
0a6a1068e95533832af0047cef9784aae3f33e6a05c6cbe3f8c289e82d8a1adf
0cf24fec3d459773108c3e6d76904a5ce28b6971ba96d3a95c5eb5bbcb58473b
1b9d9e2d6c6498c741d2b1e8820a4f6587367da40e1c6a0b12ee2167e3b412d9
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
22a7ae46aefb3325e3e2761085d7b2ea2cda8dc351cf391a62918bb09784f693
287d2b588c87797db55f5c2b4d29f02ef61cc8f63565157babb6f15a6f50d3f7
2b9ba3e2b1b133e182d23e17282d3e7582d3e2d693167b3e1d86545fe091c479
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3208b4b1e486296a399984bc45ceb0df6013f7c9103c383c39be2db7cac9a491
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
49802cce2e9833a5fb8f096e25f724ed2aedf824e9a07e03a1e7a97c16ab6558
49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
59c21f8dcdc5cfb1880c7a58b24cf08a2d22f29b819e47a193f741e0f35f65e7
5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5ba2d56d41e1039a453fd566c75a42026a5538d6a93e43a4e1f891d1251ea943
5db084106a4b9045100ac59ab2abdcda72f84e330227aa6cdfff1dc565dcd262
5fa162041b7aa4eba98cb3f19427dc849077b592dc8d453b6fe5c0ca0e6d8ce7
6334d73beacbf6ea26dee5853329a3a53fb53052f06cf445e39fdb76f4be0744
653d825aa6c5b0cae2d39c389b51068adfa21f534e75f573c72b43022b0a4ff9
68cfeaadd6d6460cf04f2cce172a9ebdce9a467f73329a401c9bfcd12ff546f4
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
73a78a870fd12f982ae4f1d2c8e286ebeae8618e33d125a70eea32afb4d65907
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
7915fc062c6ca1e9ad79d5c9f47be838e792e2a6b0e0ffd7670cbedf5f13f95e
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
83d23997f674b4df7b2471e680dbbc91a827c63cc24528e54b451d861d3e299e
8a4966fe75033f2a892fc203fd97a0e92ecbf4a3a634fdac51a92ea4a25c9787
8c4246a94f4e8314a1188305aae5a65b016a01406eeb1954e3185ea18c7cfb00
96e9fcf19bb819a36b115e9f58eaefdd3c4fd720b9f8158218d74a8eec8e2fad
9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3
9f4bba48f0ee7b4b9e8561bd867ead0e9e7b8d007f45fb212ea5142073969020
a09302eba0dd133c6a5a5ca3587911c8d83daaff3860d8f4b730d3b69383e4e6
a5af55843adbaaf60fd6aba081e4093a3d15f92c6aebbf7f2fd76f71a7f1d37e
ad97778077e648e9c0adbd33005dd7d89fc0313a9b6caef7bf29ed253af8a312
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b1c9205370113ae1f8e46357cebcb604041d11331e0079160f9f55f4245d2573
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b89d32be4426c03c88bae98488dc4d1bf5ae0ff5bcad8469f007d2dfb3e30fed
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf1aa9163953fb477fe5cf452229042578738fa9e600c6ef64c47e4635ba78c2
d00ab193f1aee119a3a2cf2aea045382fa8e869e9e9c0362951add96fce4c4b3
dfb78bdcd991757b6376410db83f75859ac861d5e9553d83b1481b2dc8af78ab
e37d1ada1b107267503c1f4182943e7a8c50e5a9e2a5302fee22edeb2b5842e3
ec2db71286caa958f627f8ee07f2d4703ec4c78492b67e3deb19b4127ce58c57
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

marshlight.ca Open in urlscan Pro 23.180.104.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

9 IPs

2 Countries

1616 kBTransfer

3557 kBSize

2 Cookies

4 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

marshlight.ca Open in urlscan Pro
23.180.104.34 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

9
IPs

2
Countries

1616 kB
Transfer

3557 kB
Size

2
Cookies

61 HTTP transactions
0 data transactions