urlscan.io logo urlscan.io
SecurityTrails logo

fareharbor.com Open in urlscan Pro
54.177.154.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Submission: On December 06 via api from RU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 14 domains to perform 48 HTTP transactions. The main IP is 54.177.154.80, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is fareharbor.com. The Cisco Umbrella rank of the primary domain is 31086.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 26th 2024. Valid for: a year.
This is the only time fareharbor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    54.177.154.80 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-154-80.us-west-1.compute.amazonaws.com
fareharbor.com
4    3.171.131.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-131-178.jfk52.r.cloudfront.net
dipr2nuwo661l.cloudfront.net
2    2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    45.60.73.55 (United States)

ASN19551 (INCAPSULA, US)
secure.payconex.net
1    147.12.18.68 (Netherlands)

ASN200596 (ADYEN Adyen N.V., NL)
PTR: 930C1244.adyen.com
checkoutshopper-live.adyen.com
1    2607:f8b0:4004:c08::8a (Washington, United States)

ASN15169 (GOOGLE, US)
translate.google.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o10963.ingest.sentry.io
1    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
www.gstatic.com
1    2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
translate.googleapis.com
2    52.85.132.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-96.iad50.r.cloudfront.net
js.stripe.com
10    151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.filestackcontent.com
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c09::9c (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    142.251.111.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net
www.google.ca
2    34.192.16.11 (None, )

ASN- ()
api.honeycomb.io
Apex Domain
Subdomains		 Transfer
16 fareharbor.com
fareharbor.com — Cisco Umbrella Rank: 31086
430 KB
10 filestackcontent.com
cdn.filestackcontent.com — Cisco Umbrella Rank: 18617
854 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1073
185 KB
4 cloudfront.net
dipr2nuwo661l.cloudfront.net
2 MB
2 honeycomb.io
api.honeycomb.io
144 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
544 B
2 google.com
translate.google.com — Cisco Umbrella Rank: 1113
analytics.google.com — Cisco Umbrella Rank: 142
30 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
196 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
63 B
1 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 912
74 KB
1 gstatic.com
www.gstatic.com
4 KB
1 sentry.io
o10963.ingest.sentry.io — Cisco Umbrella Rank: 46834
297 B
1 adyen.com
checkoutshopper-live.adyen.com — Cisco Umbrella Rank: 16622
100 KB
1 payconex.net
secure.payconex.net — Cisco Umbrella Rank: 104594
6 KB
48 14
Domain Requested by
16 fareharbor.com fareharbor.com
dipr2nuwo661l.cloudfront.net
10 cdn.filestackcontent.com fareharbor.com
4 js.stripe.com fareharbor.com
js.stripe.com
4 dipr2nuwo661l.cloudfront.net fareharbor.com
2 api.honeycomb.io dipr2nuwo661l.cloudfront.net
2 www.googletagmanager.com fareharbor.com
www.googletagmanager.com
1 www.google.ca fareharbor.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com dipr2nuwo661l.cloudfront.net
1 translate.googleapis.com
1 www.gstatic.com
1 o10963.ingest.sentry.io dipr2nuwo661l.cloudfront.net
1 translate.google.com fareharbor.com
1 checkoutshopper-live.adyen.com fareharbor.com
1 secure.payconex.net fareharbor.com
48 16

This site contains links to these domains. Also see Links.

Domain
google.com
calendar.yahoo.com
www.google.com
Subject Issuer Validity Valid
production.fareharbor.com
Amazon RSA 2048 M02		 2024-03-26 -
2025-04-24		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-10-30 -
2025-02-06		 3 months crt.sh
secure.payconex.net
Go Daddy Secure Certificate Authority - G2		 2024-05-24 -
2025-06-25		 a year crt.sh
*.adyen.com
GeoTrust TLS RSA CA G1		 2024-01-11 -
2025-02-08		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-03 -
2025-07-29		 10 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.filestackcontent.com
R11		 2024-10-28 -
2025-01-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.ca
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.honeycomb.io
Amazon RSA 2048 M03		 2024-01-30 -
2025-02-26		 a year crt.sh

This page contains 4 frames:

Primary Page: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Frame ID: BE2F4B4447B4FD3CC2AB76134C64589C
Requests: 45 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffareharbor.com&stripe_xdm_c=default714540&stripe_xdm_p=1
Frame ID: 5BBAF9A966EA971FD1044E4A427FAB9D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-CRSZ7X564R&gacid=185953007.1733465030&gtm=45je4c40v9124931455za200zb897214346&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1664134507
Frame ID: 23EE35E25F853EF947C15FF7B1731D77
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 85E39C91240540B18AE9B12522BDE491
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Order #DUEHME | Northern Lights Village Levi

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

48
Requests

100 %
HTTPS

35 %
IPv6

14
Domains

16
Subdomains

18
IPs

2
Countries

3576 kB
Transfer

12667 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/ 		2 MB
314 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
9a3bed5628cef8638ea79d8c5fc5dc4ea4f0196c06d997a96893808a935df548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
en-us
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://secure.payconex.net https://cert.payconex.net dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.honeycomb.io https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 06:03:48 GMT
p3p
CP="This is not a P3P policy."
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-amzn-trace-id
Root=1-675293c3-424a585f1bd0b0334f4d2ddb
x-content-type-options
nosniff
x-fh-loadbalancer
production
x-xss-protection
1; mode=block
main-styles.dd7e0ef2755df448b014.css
dipr2nuwo661l.cloudfront.net/static/dist/ 		890 KB
181 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dipr2nuwo661l.cloudfront.net/static/dist/main-styles.dd7e0ef2755df448b014.css
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.131.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-131-178.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db8eb6b0097c8655c42981c14b7e89d13d093ef5dabf7a979b14e079b8565c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"29cede4f2604b9093677fe93c070daa8"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
-595Tl8arWPDWNXSDY_VxMLJCC1r6t5Rn3nYkVXu7iFAHwBh-yDeCg==
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
text/css
vary
Accept-Encoding
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Thu, 05 Dec 2024 18:15:52 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 a9dc097bbaf22a663c80eb85450d7cce.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
fonts.eacdf4961de415ddab83.css
dipr2nuwo661l.cloudfront.net/static/dist/ 		2 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dipr2nuwo661l.cloudfront.net/static/dist/fonts.eacdf4961de415ddab83.css
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.131.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-131-178.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0200f0f25658abad4240de4f1e276a6a7b1df1b8ad2e9c2aa04baa23791f9e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"af300bcdcaca533588b19bee5fd3316d"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
o96PnFzqye624YMr2DsQn55a5Og4ZySJ9uztswtIPFSAqaccIglB2g==
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
text/css
vary
Accept-Encoding
x-amz-expiration
expiry-date="Wed, 19 Feb 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Wed, 20 Nov 2024 20:20:13 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 a9dc097bbaf22a663c80eb85450d7cce.cloudfront.net (CloudFront)
content-length
324
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
output.eb17a51b3842.js
dipr2nuwo661l.cloudfront.net/static/cache/js/ 		2 MB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.131.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-131-178.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb17a51b3842b7721bce81c26643b7c79bb4d8cb48edcdedcaa51795753f60d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"8036491817de55b4e82cfeb9a3e39b81"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
wEgX39JlTfapRvw6EicYZOsPLE1ogf5OVfgC42AsFobm0WHt5RCMAA==
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-expiration
expiry-date="Tue, 25 Feb 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Tue, 26 Nov 2024 19:53:06 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 a9dc097bbaf22a663c80eb85450d7cce.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		271 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6WXE90X597
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ddd5780d54208733fc83d81e316937070d79a29b85e017350184c8847e9159c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 06 Dec 2024 06:03:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97336
x-xss-protection
0
server
Google Tag Manager
honeycomb-sdk-bundle.js
fareharbor.com/static/dist/ 		200 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/static/dist/honeycomb-sdk-bundle.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
c46b88c5c5746d0f309891fbe133e297327f19f287ba30ef172bd506e797ce54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us

Response headers

content-encoding
gzip
etag
"5e92f12e664baa66d2df24f9a3b332f2"
x-content-type-options
nosniff
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 23:00:58 GMT
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
x-amz-id-2
cpnDgyvPfYrMuhlzSEwwsdXjFm7z89Vu7RNtwwHFxMhE//JoZdcHijFxsWridJ4C9Zxvxdbc9+o=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
x-amz-request-id
2YHRQS3SSKM0S0Y1
x-xss-protection
1; mode=block
server
AmazonS3
x-amz-server-side-encryption
AES256
djangojs.js
fareharbor.com/static/jstranslation/en-us/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/static/jstranslation/en-us/djangojs.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
7be221b7585120acee6b00a4a704773850e9dcf9cf0f4f732e64b6647df0ded2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us

Response headers

content-encoding
gzip
etag
"442b313fe22223699efd3b4d3d975241"
x-content-type-options
nosniff
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 23:01:00 GMT
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
x-amz-id-2
LqvqyJOSPmH99/oyKsQ90YHC/h2SERbDndfd7LRAc8E5MV2z+BlVa2ItCbHcZJO4VXJR649490UGSocw9WM7eA==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
x-amz-request-id
2YHW2V3VBS6NN43B
content-length
973
x-xss-protection
1; mode=block
server
AmazonS3
x-amz-server-side-encryption
AES256
/
js.stripe.com/v2/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a1b09be9a7642c5fee2094c5c169b8bfd0ff0c325cc873771bc53973b5ef60a2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

x-request-id
f3e51687-9c68-400b-bb3e-f31855a44811
content-encoding
br
etag
"d4244ebaa59290b954774d48cb8cc6ef"
age
73
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Fri, 06 Dec 2024 06:03:48 GMT
last-modified
Wed, 16 Oct 2024 18:47:24 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-yul1970062-YUL
x-cache-hits
1
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
19860
server
Fastly
/
js.stripe.com/v3/ 		692 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d834f1d8d599d73d5d5a63edae9b409299ea5701308af351a509264ea9d51204
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

x-request-id
7c814223-e554-4830-9bf7-9f5eb4a9cdfd
content-encoding
br
etag
"838f021032c36e3fe69bcb27bcf45501"
age
14
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Fri, 06 Dec 2024 06:03:48 GMT
last-modified
Thu, 05 Dec 2024 21:54:15 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-yul1970062-YUL
x-cache-hits
3
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
169383
server
Fastly
iframe-lib-1.0.0.js
secure.payconex.net/iframe/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.payconex.net/iframe/iframe-lib-1.0.0.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.73.55 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b18cc555d4f4ee121a365208814327239667668d8700594b310d3c857fb6cddb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

x-iinfo
12-33599408-0 0CNN RT(1733465028069 34) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=1286, public, must-revalidate
content-encoding
gzip
etag
"dc6b1c92"
x-cdn
Imperva
expires
Fri, 06 Dec 2024 06:25:14 GMT
content-length
5733
date
Fri, 06 Dec 2024 06:03:48 GMT
last-modified
Wed, 02 Oct 2024 19:45:55 GMT
content-type
application/javascript
adyen.js
checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.8.1/ 		402 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.8.1/adyen.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.12.18.68 , Netherlands, ASN200596 (ADYEN Adyen N.V., NL),
Reverse DNS
930C1244.adyen.com
Software
/
Resource Hash
dffbfa6094b00631aa49667e25e7e7a17a113580f38d6d35e9f8ba87a8b972ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600
nel
{"report_to":"network-reports","max_age":86400,"include_subdomains":false,"success_fraction":0.0,"failure_fraction":1.0}
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"network-reports","max_age":86400,"endpoints":[{"url":"https://nel.cdn.adyen.com/upload-reports"}],"include_subdomains":false}
traceparent
00-091128d89f9fe83c162075e518d6c62b-e42615c0e78e3838-01
access-control-allow-origin
*
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
text/javascript;charset=UTF8
element.js
translate.google.com/translate_a/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
294d7d02e95339f3fca020e8722e671d30ce1afec65935e090c9a8908f4e8e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:03:48 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
output.f19a47454b27.js
dipr2nuwo661l.cloudfront.net/static/cache/js/ 		4 MB
999 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.f19a47454b27.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.131.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-131-178.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f19a47454b277319dedb77f7b7ce012bcfc4ca706faf10dbdfab375e5e1c5f59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
etag
"5f2867cb76fd35dc357a692ac613fb03"
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-amz-cf-id
r6BNfeoZ7sQFG6EKB8n0Jfo58cOER3RlFhKblp_UJ2m69FvrkQjHFw==
date
Fri, 06 Dec 2024 06:03:48 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Thu, 05 Dec 2024 19:59:04 GMT
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
cache-control
public, max-age=3153600
via
1.1 a9dc097bbaf22a663c80eb85450d7cce.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
/
o10963.ingest.sentry.io/api/5933789/envelope/ 		2 B
297 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://fareharbor.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:03:49 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.KNTRWfMnI_M.O/am=DAY/d=1/rs=AN8SPfrXw7i-_7Qzr36fIWYXdRhkdZh-Wg/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
age
343471
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 06:39:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 06:39:18 GMT
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
4144
x-xss-protection
0
server
sffe
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.KNTRWfMnI_M.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqzvsW2KLEj6yi5uUTl6GNx6SZwyw/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.KNTRWfMnI_M.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqzvsW2KLEj6yi5uUTl6GNx6SZwyw/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.KNTRWfMnI_M.O/am=DAY/d=1/rs=AN8SPfrXw7i-_7Qzr36fIWYXdRhkdZh-Wg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46d2ae7fd4d33542d7f44c4089a05e81b2dc935c135cf6c2c7fef178aed3bed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
gzip
age
42657
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 18:12:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 18:12:52 GMT
last-modified
Wed, 04 Dec 2024 06:14:51 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
75120
x-xss-protection
0
server
sffe
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/ 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
285b9656a21e8df80ba9451994b129425bca45fb9f89fe4763b805e5f4b6467f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
sentry-trace
bd64e58bce4747518da3539db8d2298d-aecbb248e7771de9-0
traceparent
00-f3a070c92ba1fd03a842788fc45d91e0-a32d516deb62fd8b-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-675293c5-21e8db5850f0281a2011b557
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:49 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/flow-nodes/default/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/flow-nodes/default/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
86226ec1e5d34386eb8953b9e862d58d34eaa4b29ed57fa705d0dfe19cb3dee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
sentry-trace
bd64e58bce4747518da3539db8d2298d-801472861eea0cc8-0
traceparent
00-29750c7a23e6730c06f3c8aedbe16d06-d9d52c9e2ae6c444-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-675293c5-7d256e6c1812d574685bcb12
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:49 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
channel.html
js.stripe.com/v2/ Frame 5BBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffareharbor.com&stripe_xdm_c=default714540&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-96.iad50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fareharbor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
250
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=300
content-encoding
gzip
content-security-policy
report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src https://api.stripe.com; default-src 'self'; form-action 'none'; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-M1LJiJCn3XBCZ1erCVATqpCSJ5Yd9sUrS2npRlBZ6YE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 05:59:56 GMT
etag
W/"19af0c6cc7a0bca20a355b3362dc64a0"
last-modified
Wed, 16 Oct 2024 18:47:24 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d5710f445906ae917df909d01c495c9e.cloudfront.net (CloudFront)
x-amz-cf-id
rW4HMb1Ho0a_W8J8XxtMMuH7Kvwr4nh2ERzWqtfciGyy5A5vuImr9Q==
x-amz-cf-pop
IAD50-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
/
fareharbor.com/api/v1/persistence/27add50b-cbe5-4d7b-8b14-e2fdede02fd5/northernlightsvillagelevi/analytics/ 		14 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/persistence/27add50b-cbe5-4d7b-8b14-e2fdede02fd5/northernlightsvillagelevi/analytics/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1c197daef20de3f47eec5e2f735ec6669869d3180cc29f35be4788511e0af0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
sentry-trace
bd64e58bce4747518da3539db8d2298d-a5e1c57a1d0f9243-0
traceparent
00-e98b8e038a76b13a49d03b5c8f633c31-b021a06a0bc7a034-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-675293c5-74f6c05e78c31068698e7873
x-content-type-options
nosniff
content-length
14
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:49 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/persistence/27add50b-cbe5-4d7b-8b14-e2fdede02fd5/northernlightsvillagelevi/cart/ 		14 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/persistence/27add50b-cbe5-4d7b-8b14-e2fdede02fd5/northernlightsvillagelevi/cart/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1c197daef20de3f47eec5e2f735ec6669869d3180cc29f35be4788511e0af0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
sentry-trace
bd64e58bce4747518da3539db8d2298d-ab1f8f3a7041935d-0
traceparent
00-8f364faf3056bddc9994d6e4ed0e32b5-a56bc3f784c33795-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-675293c5-59cac2ce178c4405731439e6
x-content-type-options
nosniff
content-length
14
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:49 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/ 		72 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
7d66ee92d337817bebf4c89efeedb172cd27ece98b09d9864da5c8f60d2663ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
sentry-trace
bd64e58bce4747518da3539db8d2298d-801561c7263cbc22-0
traceparent
00-75f694d690e2fc963c9e800b7c9d27df-faae53cbcb4a0bfb-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-675293c5-5b8314055dc6b28536c94fa2
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f30784c147853c6e73ee5be29fcd96195f1824d3bd9fbf6080860eff6188adba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://fareharbor.com
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
convert
cdn.filestackcontent.com/s7mTGBM0QVahDQiBIrNf/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/s7mTGBM0QVahDQiBIrNf/convert?cache=true&compress=true&quality=90&h=250&fit=max
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9158f023b96a61687b1a024768bcd2acdc80c9f672050cf12eb577d7cd874ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"be0de8e6a9c5d9bbcb9849cff670fb40"
age
145634
access-control-allow-methods
GET, POST
filestack-trace-id
1732565767-zmnWkkXTrq
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
Untitled-10.png
content-type
image/png
content-disposition
inline; filename="Untitled-10.png"
x-served-by
cache-iad-kjyo7100142-IAD, cache-yul1970078-YUL
last-modified
Mon, 28 Oct 2024 11:04:05 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
18, 0
cache-control
public, max-age=31536000
x-timer
S1733465030.074709,VS0,VE23
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
80271
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/a-services/ 		799 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/a-services/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
f01f5d44634c07955b4cfc61af997c2ac97a5028340bfb1ea7d42fa0e12565f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
sentry-trace
bd64e58bce4747518da3539db8d2298d-ab7f72de57faccd3-0
traceparent
00-bd5ed0dc948a0e989e808d367259cd3c-49e2c0aaa1936c73-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-675293c6-20e334dc6457498d5fbe5895
x-content-type-options
nosniff
content-length
799
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		313 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CRSZ7X564R&l=dataLayer&cx=c&gtm=45je4c40v897214346za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6WXE90X597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c120600fa58f8ed861f1529155bc9b4a69b1dbdbd5f5bd2d63f08c2cfae35876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 06 Dec 2024 06:03:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:03:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102621
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/ 		0
553 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CRSZ7X564R&gtm=45je4c40v9124931455za200zb897214346&_p=1733465029989&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=185953007.1733465030&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1733465030&sct=1&seg=0&dl=https%3A%2F%2Ffareharbor.com%2Fembeds%2Fbook%2Fnorthernlightsvillagelevi%2Forders%2Fbac991dd-1703-4b4c-b7eb-6f8ef62725df%2F%3Flanguage%3Den-us&dt=FareHarbor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.company_shortname=northernlightsvillagelevi&tfd=2670
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fareharbor.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:03:50 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
544 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CRSZ7X564R&cid=185953007.1733465030&gtm=45je4c40v9124931455za200zb897214346&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CRSZ7X564R&l=dataLayer&cx=c&gtm=45je4c40v897214346za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fareharbor.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:03:50 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 23EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-CRSZ7X564R&gacid=185953007.1733465030&gtm=45je4c40v9124931455za200zb897214346&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1664134507
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CRSZ7X564R&l=dataLayer&cx=c&gtm=45je4c40v897214346za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fareharbor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Dec 2024 06:03:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
fareharbor.com/csp-report/ 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/csp-report/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-675293c6-7a1a5acf3abac5ea5289689a
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://secure.payconex.net https://cert.payconex.net dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.honeycomb.io https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
x-content-type-options
nosniff
content-length
2
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CRSZ7X564R&cid=185953007.1733465030&gtm=45je4c40v9124931455za200zb897214346&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=602939386
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
fareharbor.com/csp-report/ 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/csp-report/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-675293c6-1e7369050c02e1f874ba2cd8
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://secure.payconex.net https://cert.payconex.net dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.honeycomb.io https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
x-content-type-options
nosniff
content-length
2
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
favicon.ico
fareharbor.com/ 		36 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
015e845b1eb061a34ff29f962aee72b56848d94e14e78633f7f23f0e3e4ab36e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us

Response headers

x-amz-id-2
xcrLsI9W/8zNXyjYUi7DZzxPo6AWBSPOSyJWYcOLrm6TxOVEy8Mu+3lQypn5fyUE4OPyS3AtrM8=
strict-transport-security
max-age=31536000
x-amz-server-side-encryption
AES256
x-fh-loadbalancer
production
content-encoding
gzip
etag
"55cfe98f37179622fc2d327c4a80d85f"
x-content-type-options
nosniff
x-amz-request-id
DS0DR0JPDB0DKHNP
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
image/vnd.microsoft.icon
last-modified
Thu, 05 Dec 2024 23:00:57 GMT
server
AmazonS3
x-amz-expiration
expiry-date="Thu, 06 Mar 2025 00:00:00 GMT", rule-id="remove_old_files"
vary
Accept-Encoding
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/214146/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/214146/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
c3cdadf24b4ec21d8225b0fd4e9a2dc001f48fa305216510e572bcab3c810e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-0abf6ae349b4199a0a9c08d584993808-b7a8775353ffcdb7-01
X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-675293c6-30a67e9c2a71239d14512ccc
x-content-type-options
nosniff
content-length
1552
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/110955/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/110955/
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f32c748c27ef786d70ebaf8f0f6e521808201923981a17b4eeca86868c36155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-04ff3ac1986e62c18e6d8c138989e71d-6faadec0ed1e81ec-01
X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-675293c6-48a015f8292419746422fc11
x-content-type-options
nosniff
content-length
1919
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/flow-nodes/103456/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/flow-nodes/103456/?is_page=yes
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
73e406cf6041e70a1a94cccea088f82c70c672b303d18d99cae9f026e55d803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-043f1e55f3649591611cf053f5eed386-e1a2f03cbb339bc3-01
X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
content-encoding
gzip
x-amzn-trace-id
Root=1-675293c6-3d215bbe2b11c77f4c49e6f0
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:50 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
convert
cdn.filestackcontent.com/LohEYbETPxwit6d5NqPg/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/LohEYbETPxwit6d5NqPg/convert?cache=true&compress=true&quality=90&h=250&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b1321715f8391c3994d1369ab40edfce6963dd25f6547df8db537af0a2b8cc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"7934eab04d178296ff1110ef20d7a518"
age
1348277
access-control-allow-methods
GET, POST
filestack-trace-id
1730891028-IYgRdzNwSQ
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
17039332_1623809214303209_2876669573275775991_o.jpg
content-type
image/jpeg
content-disposition
inline; filename="17039332_1623809214303209_2876669573275775991_o.jpg"
x-served-by
cache-iad-kiad7000052-IAD, cache-yul1970078-YUL
last-modified
Wed, 23 Oct 2024 05:11:26 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
30, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.735417,VS0,VE18
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
43191
convert
cdn.filestackcontent.com/YubocsRlSL6REDNpS8yc/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/YubocsRlSL6REDNpS8yc/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35417e04fc620e8f4ac3027d0cc4d503b63469bb5f5ba10de7842e0ed2375e29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"1c97339df6d3d49f79e6234d9594f775"
age
1613614
access-control-allow-methods
GET, POST
filestack-trace-id
1731851416-zh5mHFeQ4x
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
searchingforsanta-0564.jpg
content-type
image/jpeg
content-disposition
inline; filename="searchingforsanta-0564.jpg"
x-served-by
cache-iad-kjyo7100147-IAD, cache-yul1970078-YUL
last-modified
Sun, 17 Nov 2024 13:50:17 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
82, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.892752,VS0,VE23
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
80990
convert
cdn.filestackcontent.com/q2qGHsbSZeFQHHXkouXt/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/q2qGHsbSZeFQHHXkouXt/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a35a7ca23b2c4e64c2c3bb33c6f539bb8f934103b5a8d5d33cfa37bf1c1a37c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"6c7fac5e99860482182cbe8c545b68cc"
age
134856
access-control-allow-methods
GET, POST
filestack-trace-id
1729196821-DWz6h5PYS5
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
11.21 ACL by Tijn-19-L.jpg
content-type
image/jpeg
content-disposition
inline; filename="11.21 ACL by Tijn-19-L.jpg"
x-served-by
cache-iad-kcgs7200146-IAD, cache-yul1970078-YUL
last-modified
Thu, 17 Oct 2024 20:27:03 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
14, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.892725,VS0,VE29
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
35440
convert
cdn.filestackcontent.com/sccgtVICStGUPAPj6sTj/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/sccgtVICStGUPAPj6sTj/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47c6f28a7948faf51a8a7343d9c0d8b6ae322c70a297fe193be4c0e5989130ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"c0682b0d97a347be8d2073cd3f9877d0"
age
853186
access-control-allow-methods
GET, POST
filestack-trace-id
1731923068-Z427VD4wRN
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
HT4A1054.jpg
content-type
image/jpeg
content-disposition
inline; filename="HT4A1054.jpg"
x-served-by
cache-iad-kiad7000165-IAD, cache-yul1970078-YUL
last-modified
Wed, 23 Oct 2024 06:59:15 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
57, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.893355,VS0,VE18
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
91634
convert
cdn.filestackcontent.com/hvns7YPxQVePF2XPAyOD/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/hvns7YPxQVePF2XPAyOD/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
980d6f8b7787e481222a5b1f9d82ab46ca68a81b4d9125a64109a9279c2c0977

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"0b17781cc20ec2b53a1f0e39c97e61a6"
age
2037755
access-control-allow-methods
GET, POST
filestack-trace-id
1730011256-FHywOR0rQ4
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
Screen Shot 2020-08-27 at 21.35.10.png
content-type
image/png
content-disposition
inline; filename="Screen Shot 2020-08-27 at 21.35.10.png"
x-served-by
cache-iad-kjyo7100115-IAD, cache-yul1970078-YUL
last-modified
Tue, 15 Oct 2024 12:20:25 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
119, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.893438,VS0,VE24
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
262475
convert
cdn.filestackcontent.com/g4pCqRrjSxGy093lX4zk/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/g4pCqRrjSxGy093lX4zk/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5dc502fc6977f8ebd807d14a32bfb8e678d6d0e7b0e4ad31cf8c8ef08d836d7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"521fb9a2fa21619840dd3c7343f4f8cf"
age
190829
access-control-allow-methods
GET, POST
filestack-trace-id
1732518758-fhB5IioRme
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
53082630_2589630907721030_3686429095115096064_o.jpg
content-type
image/jpeg
content-disposition
inline; filename="53082630_2589630907721030_3686429095115096064_o.jpg"
x-served-by
cache-iad-kiad7000146-IAD, cache-yul1970078-YUL
last-modified
Mon, 25 Nov 2024 07:12:39 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
21, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.893309,VS0,VE16
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
54521
convert
cdn.filestackcontent.com/lZKnGbRDTUSPyQGFQCQ4/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/lZKnGbRDTUSPyQGFQCQ4/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bc1c9e70cda7e02a2f3f029a9a2bbea90a5c53751000fd4e57c255969ab0f480

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"3c2b6399e7cca6a2309723b1635a767e"
age
1327684
access-control-allow-methods
GET, POST
filestack-trace-id
1728044367-9pTTouiRqO
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
Reindeer 2.jpg
content-type
image/jpeg
content-disposition
inline; filename="Reindeer 2.jpg"
x-served-by
cache-iad-kiad7000148-IAD, cache-yul1970078-YUL
last-modified
Fri, 04 Oct 2024 12:19:28 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
69, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.893277,VS0,VE16
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
46357
convert
cdn.filestackcontent.com/HAVOP8QBTgidi7tMHedj/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/HAVOP8QBTgidi7tMHedj/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da0b93d8218ac6b1110afc24ba7146ffb2653334e2584cd9df7387da41e6ea22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"74de7efe935272bd6ec10e60403ac856"
age
579344
access-control-allow-methods
GET, POST
filestack-trace-id
1732885686-ExQ1NRljRi
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
Nellim-9.jpg
content-type
image/jpeg
content-disposition
inline; filename="Nellim-9.jpg"
x-served-by
cache-iad-kjyo7100059-IAD, cache-yul1970078-YUL
last-modified
Fri, 29 Nov 2024 13:08:08 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
47, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.893270,VS0,VE22
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
127666
convert
cdn.filestackcontent.com/q3rWFSTQbWw8hMaIsmVn/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.filestackcontent.com/q3rWFSTQbWw8hMaIsmVn/convert?cache=true&compress=true&quality=90&w=550&fit=max
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34f395a68ce9fc56ecf197a8c698d0fa85480cabddb947989b087f653beb5de6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fareharbor.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"2054feead5a6b0ca1669979af5d0bb86"
age
162639
access-control-allow-methods
GET, POST
filestack-trace-id
1732347332-PsK1n7xUR3
x-cache
HIT, MISS
date
Fri, 06 Dec 2024 06:03:50 GMT
x-file-name
AdobeStock_243108732.jpg
content-type
image/jpeg
content-disposition
inline; filename="AdobeStock_243108732.jpg"
x-served-by
cache-iad-kcgs7200038-IAD, cache-yul1970078-YUL
last-modified
Wed, 06 Nov 2024 09:44:24 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
18, 0
cache-control
public, max-age=31536000
x-timer
S1733465031.893268,VS0,VE36
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
47735
/
fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/110877/pricing-overview/ 		21 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/api/v1/companies/northernlightsvillagelevi/items/110877/pricing-overview/?
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.177.154.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-154-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
74f6a3108b6c3eada44bdd5e24d6a0e5d2dab046cd129392695e91ee67e60b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-92cac51f9cbf0de69e4e3fefbf781731-0a5a464f4cc36527-01
X-FH-Target-Language
en-us
X-CSRFToken
T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
Referer
https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-675293c6-50bc50ee4d09f90e28c9d7e2
x-content-type-options
nosniff
content-length
21
p3p
CP="This is not a P3P policy."
date
Fri, 06 Dec 2024 06:03:51 GMT
x-xss-protection
1; mode=block
content-type
application/json
content-language
en-us
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 85E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.85.132.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-96.iad50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fareharbor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2187
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 05:27:28 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 15 Nov 2024 21:14:25 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 ec22576e88e707bf58c11e0ee75d019c.cloudfront.net (CloudFront)
x-amz-cf-id
H81fW4HHXD4xba2A537b-aLF47c2_hfvC9cl--eUlWZcz8uBtxVZzA==
x-amz-cf-pop
IAD50-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
traces
api.honeycomb.io/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.honeycomb.io/v1/traces
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.16.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-honeycomb-team
Access-Control-Request-Method
POST
Origin
https://fareharbor.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Honeycomb-Team, X-Honeycomb-Dataset, X-Honeycomb-Samplerate, X-Honeycomb-Event-Time, Content-Type, User-Agent, X-Honeycomb-UserAgent
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
application/json
date
Fri, 06 Dec 2024 06:03:55 GMT
request-id
d4bd3e1f251920cb335d6c4de74cd2d1
vary
Accept-Encoding
traces
api.honeycomb.io/v1/ 		2 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.honeycomb.io/v1/traces
Requested by
Host: dipr2nuwo661l.cloudfront.net
URL: https://dipr2nuwo661l.cloudfront.net/static/cache/js/output.eb17a51b3842.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.16.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://fareharbor.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
x-honeycomb-team
hcaik_01ja89093fesh5p0qrdqk7k7vt6d4d8j9sj6tmv27327c75hqrtsb133cz
Content-Type
application/json

Response headers

request-id
16b33b51b062ed1ac0ad58752dd062f6
access-control-allow-origin
*
content-length
2
date
Fri, 06 Dec 2024 06:03:55 GMT
content-type
application/json
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| event object| envFeatureFlags object| envVars object| $$loadTime object| slipstream function| applyFocusVisiblePolyfill object| Sentry object| webpackChunkfareharbor_com function| clearImmediate function| setImmediate function| _ function| jQuery function| $ function| moment function| ldmlnum object| angular object| jQuery112406274994037625039 object| __SENTRY__ function| _ga4Setup function| _mixpanelSetup object| __sentry_instrumentation_handlers__ object| google_tag_manager object| google_tag_data object| dataLayer object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format function| djangoJsInterpolate function| T function| cT function| nT function| ncT function| Stripe object| webpackChunkStripeJSouter function| noop function| BluefinException function| isJSON function| PaymentiFrame string| _a$checkoutShopperUrl string| _a$hppUrl function| AdyenCheckout function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| $$console string| FH_VERSION function| configure object| $$cache object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| intlTelInputGlobals object| intlTelInputUtils object| $$auth object| $$navigation object| $$location object| fhLabsExperiments object| fhLabsData function| $$overrideFhLabsExperiment function| $$overrideFhLabsData object| FH object| $$cart object| $$injector function| $$digest function| $$scope boolean| __VUE__ object| analyticsContext boolean| shouldNotStartInternalTrackers function| _gTag object| gaGlobal object| $$paymentCtrl

8 Cookies

Domain/Path Name / Value
fareharbor.com/ Name: fh-sticking-routing
Value: 870a5ab95339fc85
fareharbor.com/ Name: csrftoken
Value: T6rUPtUhfTT7lEg6vmqv0V1PS1IvnXvTCuEe7xmVSfl2H2xTofIwcAuX9gdUyKkE
fareharbor.com/ Name: fh-target-language
Value: en-us
fareharbor.com/ Name: fh-units-language
Value: en-us
fareharbor.com/ Name: fh-content-language
Value: en-us
.fareharbor.com/ Name: _ga_CRSZ7X564R
Value: GS1.1.1733465030.1.0.1733465030.60.0.0
.fareharbor.com/ Name: _ga
Value: GA1.1.185953007.1733465030
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

3 Console Messages

Source Level URL
Text
security error URL: https://fareharbor.com/embeds/book/northernlightsvillagelevi/orders/bac991dd-1703-4b4c-b7eb-6f8ef62725df/?language=en-us
Message:
[Report Only] Refused to load the image 'https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CRSZ7X564R&cid=185953007.1733465030&gtm=45je4c40v9124931455za200zb897214346&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=602939386' because it violates the following Content Security Policy directive: "img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com".
security error URL: https://www.googletagmanager.com/
Message:
[Report Only] Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com".
security error URL: https://www.googletagmanager.com/
Message:
[Report Only] Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net https://secure.payconex.net/ https://cert.payconex.net/ fareharbor.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.honeycomb.io
cdn.filestackcontent.com
checkoutshopper-live.adyen.com
dipr2nuwo661l.cloudfront.net
fareharbor.com
js.stripe.com
o10963.ingest.sentry.io
secure.payconex.net
stats.g.doubleclick.net
td.doubleclick.net
translate.google.com
translate.googleapis.com
www.google.ca
www.googletagmanager.com
www.gstatic.com
142.251.111.94
147.12.18.68
151.101.194.133
151.101.64.176
172.253.122.94
2001:4860:4802:34::181
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c19::9c
3.171.131.178
34.120.195.249
34.192.16.11
45.60.73.55
52.85.132.96
54.177.154.80
015e845b1eb061a34ff29f962aee72b56848d94e14e78633f7f23f0e3e4ab36e
0b1321715f8391c3994d1369ab40edfce6963dd25f6547df8db537af0a2b8cc1
1c197daef20de3f47eec5e2f735ec6669869d3180cc29f35be4788511e0af0f8
285b9656a21e8df80ba9451994b129425bca45fb9f89fe4763b805e5f4b6467f
294d7d02e95339f3fca020e8722e671d30ce1afec65935e090c9a8908f4e8e39
34f395a68ce9fc56ecf197a8c698d0fa85480cabddb947989b087f653beb5de6
35417e04fc620e8f4ac3027d0cc4d503b63469bb5f5ba10de7842e0ed2375e29
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46d2ae7fd4d33542d7f44c4089a05e81b2dc935c135cf6c2c7fef178aed3bed1
47c6f28a7948faf51a8a7343d9c0d8b6ae322c70a297fe193be4c0e5989130ff
5dc502fc6977f8ebd807d14a32bfb8e678d6d0e7b0e4ad31cf8c8ef08d836d7f
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
73e406cf6041e70a1a94cccea088f82c70c672b303d18d99cae9f026e55d803b
74f6a3108b6c3eada44bdd5e24d6a0e5d2dab046cd129392695e91ee67e60b9f
7a35a7ca23b2c4e64c2c3bb33c6f539bb8f934103b5a8d5d33cfa37bf1c1a37c
7be221b7585120acee6b00a4a704773850e9dcf9cf0f4f732e64b6647df0ded2
7d66ee92d337817bebf4c89efeedb172cd27ece98b09d9864da5c8f60d2663ff
7f32c748c27ef786d70ebaf8f0f6e521808201923981a17b4eeca86868c36155
86226ec1e5d34386eb8953b9e862d58d34eaa4b29ed57fa705d0dfe19cb3dee6
980d6f8b7787e481222a5b1f9d82ab46ca68a81b4d9125a64109a9279c2c0977
9a3bed5628cef8638ea79d8c5fc5dc4ea4f0196c06d997a96893808a935df548
a1b09be9a7642c5fee2094c5c169b8bfd0ff0c325cc873771bc53973b5ef60a2
b18cc555d4f4ee121a365208814327239667668d8700594b310d3c857fb6cddb
bc1c9e70cda7e02a2f3f029a9a2bbea90a5c53751000fd4e57c255969ab0f480
c0200f0f25658abad4240de4f1e276a6a7b1df1b8ad2e9c2aa04baa23791f9e2
c120600fa58f8ed861f1529155bc9b4a69b1dbdbd5f5bd2d63f08c2cfae35876
c3cdadf24b4ec21d8225b0fd4e9a2dc001f48fa305216510e572bcab3c810e29
c46b88c5c5746d0f309891fbe133e297327f19f287ba30ef172bd506e797ce54
d834f1d8d599d73d5d5a63edae9b409299ea5701308af351a509264ea9d51204
da0b93d8218ac6b1110afc24ba7146ffb2653334e2584cd9df7387da41e6ea22
db8eb6b0097c8655c42981c14b7e89d13d093ef5dabf7a979b14e079b8565c33
ddd5780d54208733fc83d81e316937070d79a29b85e017350184c8847e9159c4
dffbfa6094b00631aa49667e25e7e7a17a113580f38d6d35e9f8ba87a8b972ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb17a51b3842b7721bce81c26643b7c79bb4d8cb48edcdedcaa51795753f60d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01f5d44634c07955b4cfc61af997c2ac97a5028340bfb1ea7d42fa0e12565f2
f19a47454b277319dedb77f7b7ce012bcfc4ca706faf10dbdfab375e5e1c5f59
f30784c147853c6e73ee5be29fcd96195f1824d3bd9fbf6080860eff6188adba
f9158f023b96a61687b1a024768bcd2acdc80c9f672050cf12eb577d7cd874ed