www.essencesuites.com Open in urlscan Pro
2606:4700::6811:e4d0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://essencesuites.com/
Effective URL:
https://www.essencesuites.com/
Submission: On October 25 via api (October 25th 2024, 1:07:24 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 70 HTTP transactions. The main IP is 2606:4700::6811:e4d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.essencesuites.com.
TLS certificate: Issued by WE1 on September 11th 2024. Valid for: 3 months.

This is the only time www.essencesuites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.203.23.93 67.203.23.93	17252 (AS2-COLOAM) (AS2-COLOAM)
7	2606:4700::68... 2606:4700::6811:e4d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
11	148.51.205.235 148.51.205.235	12025 (IMDC-AS12025) (IMDC-AS12025)
5	54.230.228.102 54.230.228.102	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	52.85.65.50 52.85.65.50	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
11	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 _) (CDN77 _)
8	2600:1f14:5db... 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
4	2a02:6ea0:c70... 2a02:6ea0:c700::112	60068 (CDN77 _) (CDN77 _)
70	18

1 67.203.23.93 (United States) 1 redirects

ASN17252 (AS2-COLOAM, US)
PTR: 67.203.23.93.rdns.ColocationAmerica.com

essencesuites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:e4d0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.essencesuites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 148.51.205.235 (Kings Mountain, United States)

ASN12025 (IMDC-AS12025, US)

dmp.leonardocloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.230.228.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-102.muc50.r.cloudfront.net

d1dzqwexhp5ztx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.65.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-50.muc50.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	userway.org cdn.userway.org — Cisco Umbrella Rank: 3272 api.userway.org — Cisco Umbrella Rank: 3171 cdn77.api.userway.org — Cisco Umbrella Rank: 6982	130 KB
11	leonardocloud.com dmp.leonardocloud.com — Cisco Umbrella Rank: 914637 muc.leonardocloud.com Failed	181 KB
8	essencesuites.com 1 redirects essencesuites.com www.essencesuites.com	70 KB
5	cloudfront.net d1dzqwexhp5ztx.cloudfront.net	1 MB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	96 KB
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 39994	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	94 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113	20 KB
0	imgur.com Failed imgur.com Failed i.imgur.com Failed
70	14

	Domain	Requested by
11	cdn.userway.org	accessibilityserver.org cdn.userway.org
11	dmp.leonardocloud.com	www.essencesuites.com dmp.leonardocloud.com code.jquery.com
8	api.userway.org	cdn.userway.org
7	www.essencesuites.com	www.essencesuites.com
5	d1dzqwexhp5ztx.cloudfront.net	www.essencesuites.com
4	cdn77.api.userway.org	cdn.userway.org
4	www.facebook.com	www.essencesuites.com
4	fonts.googleapis.com	www.essencesuites.com client dmp.leonardocloud.com
3	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.essencesuites.com connect.facebook.net
2	www.google-analytics.com	www.essencesuites.com www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	accessibilityserver.org	www.essencesuites.com
1	code.jquery.com	www.essencesuites.com
1	maxcdn.bootstrapcdn.com	www.essencesuites.com
1	essencesuites.com	1 redirects
0	i.imgur.com Failed
0	imgur.com Failed	www.essencesuites.com
0	muc.leonardocloud.com Failed	www.essencesuites.com
70	20

This site contains links to these domains. Also see Links.

Domain
maps.google.com
online.rezexpert.com
drive.google.com
www.facebook.com
www.instagram.com
www.tripadvisor.com
twitter.com
www.pinterest.com
www.linkedin.com
plus.google.com
www.vizlly.com

Subject Issuer	Validity	Valid
www.essencesuites.com WE1	`2024-09-11` - `2024-12-10`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.leonardocloud.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-05` - `2025-01-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
accessibilityserver.org Amazon RSA 2048 M02	`2024-09-05` - `2025-10-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-03` - `2024-11-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
1784939676.rsc.cdn77.org E5	`2024-10-18` - `2025-01-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.essencesuites.com/
Frame ID: 3578D3D87179FE6D8AD23E7FA0B54CB5
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome | Essence Suites Hotel Orland Park - Official Website

Page URL History Show full URLs

http://essencesuites.com/ HTTP 307
https://essencesuites.com/ HTTP 307
http://essencesuites.com/ HTTP 301
http://www.essencesuites.com/ HTTP 307
https://www.essencesuites.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

94 %
HTTPS

56 %
IPv6

14
Domains

20
Subdomains

18
IPs

3
Countries

2037 kB
Transfer

3690 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://maps.google.com/maps?q=14455+S+LA+GRANGE+RD%2C+ORLAND+PARK%2C+Illinois%2C+60462%2C+USA

Search URL Search Domain Scan URL

URL: https://online.rezexpert.com/book?business_code=303600
Title: Book Today

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1HIPzhE4Y3nmDIydqWQ7HVnNEntUBzqvc/preview
Title: brochure

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OrlandParkHotel/?fref=ts

Search URL Search Domain Scan URL

URL: https://www.instagram.com/essencesuites/

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/Hotel_Review-g36505-d596669-Reviews-Essence_Suites-Orland_Park_Illinois.html

Search URL Search Domain Scan URL

URL: https://twitter.com/essencesuites

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/essencesuites/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/essence-suites

Search URL Search Domain Scan URL

URL: https://plus.google.com/+EssenceSuitesOrlandPark/posts

Search URL Search Domain Scan URL

URL: https://www.vizlly.com/
Title: powered by Vizlly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://essencesuites.com/ HTTP 307
https://essencesuites.com/ HTTP 307
http://essencesuites.com/ HTTP 301
http://www.essencesuites.com/ HTTP 307
https://www.essencesuites.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.essencesuites.com/
Redirect Chain

http://essencesuites.com/
https://essencesuites.com/
http://essencesuites.com/
http://www.essencesuites.com/
https://www.essencesuites.com/

177 KB
27 KB

323ms
228ms

Document
text/html

2606:4700::6811:e4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.essencesuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3229efc2fe9652ae497a93a933f04a18e3216d7af071e922bbb722634573aa7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 8d7e4ee6c8b1972e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Oct 2024 01:07:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Thu, 13 Apr 2023 15:42:14 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 *.vizlly.com

Redirect headers

Location: https://www.essencesuites.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
20 KB 61ms
33ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "5d5357cb3704e1f43a1f5bfed2aebf42"
age: 14860
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Oct 2024 01:07:10 GMT
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/24/2024 09:01:20
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b278a8276408ebc12f8e11a6a7cde6c1
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d7e4ee87ec3bb5b-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1070
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 styles.css
www.essencesuites.com/munro/generic/ 140 KB
22 KB 278ms
277ms Stylesheet
text/css 2606:4700::6811:e4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.essencesuites.com/munro/generic/styles.css
Requested by: Host: www.essencesuites.com
URL: https://www.essencesuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd56d6469668ddcca62d7ff5c93a7647c991f030814ed92045dd7345d4f0b47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: MISS
etag: "1681400534189"
via: 1.1 *.vizlly.com
cf-ray: 8d7e4ee84966972e-FRA
expires: Fri, 01 Nov 2024 01:07:11 GMT
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 13 Apr 2023 15:42:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 1 KB
890 B 80ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cardo

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c90ee1979b62b3b5a8b4b6ebab4a0aaf83c57e3cd6f33d86a64517cc15ad52b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 01:07:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:07:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 25 Oct 2024 01:07:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
94 KB 71ms
20ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: www.essencesuites.com
URL: https://www.essencesuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

etag: "28feccc0-176d5"
age: 3782281
x-cache: HIT, HIT
date: Fri, 25 Oct 2024 01:07:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 8, 33890
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21975-LGA, cache-fra-etou8220063-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1729818431.818478,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 95957
server: nginx

GET
H/1.1 200 33795 Show response
dmp.leonardocloud.com/dmp/player/loader/ 41 KB
15 KB 504ms
165ms Script
text/plain 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/dmp/player/loader/33795

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

d57059b36a7080407950d5a42e8d09c479ab22faa00aa9b7b473390cd45af23f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
lwc-service-exec-time: 0
Date: Fri, 25 Oct 2024 01:05:34 GMT
lwc-exec-time: 1
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection: close
Referrer-Policy: no-referrer
Access-Control-Allow-Origin: https://apps.vizlly.com
X-Application-Context: application
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H2 200 bootstrap.js Show response
www.essencesuites.com/munro/ 3 KB
1 KB 225ms
224ms Script
application/javascript 2606:4700::6811:e4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.essencesuites.com/munro/bootstrap.js?template=genericmunro
Requested by: Host: www.essencesuites.com
URL: https://www.essencesuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3ad2bfff2f527dbe5af4683798def6586fd6ee8472c524d22fb06f680472d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: EXPIRED
etag: "1681400534189"
via: 1.1 *.vizlly.com
cf-ray: 8d7e4eea2a68972e-FRA
expires: Fri, 01 Nov 2024 01:07:11 GMT
accept-ranges: bytes
content-length: 1424
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK essence_F.jpg
d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/391/488/ 9 KB
10 KB 530ms
455ms Image
image/jpeg 54.230.228.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/391/488/essence_F.jpg
Requested by: Host: www.essencesuites.com
URL: https://www.essencesuites.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-102.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7535ffc219f973b84022fbdccdd494bff3c83e486688e5d938ab6d539ee35645

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

ETag: "4b34effc5b3f8cb19c64d65f50bed766"
x-amz-version-id: null
Connection: keep-alive
Via: 1.1 f9e65f6efaf09565a6c3bbb6d064bfca.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Miss from cloudfront
Content-Length: 9442
X-Amz-Cf-Id: NEw0v5Qj-w1fph0rQ0ORM1LgIm5Gdqy_RuqvikyBkP2uoOmfpME7vA==
Date: Fri, 25 Oct 2024 01:07:12 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 24 Mar 2017 20:21:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P5

GET fb07421f-d982-4a56-ac91-b96db173cdad_jp.jpg
muc.leonardocloud.com/cdms/vmm3files/ 0
0

GET
H2 200 email-decode.min.js Show response
www.essencesuites.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 26ms
24ms Script
application/javascript 2606:4700::6811:e4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.essencesuites.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e4d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"6712b248-4d7"
x-content-type-options: nosniff
cf-ray: 8d7e4eea2a67972e-FRA
expires: Sun, 27 Oct 2024 01:07:11 GMT
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2024 19:08:56 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 bundle.js Show response
www.essencesuites.com/munro/ 55 KB
17 KB 36ms
35ms Script
application/javascript 2606:4700::6811:e4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.essencesuites.com/munro/bundle.js?template=genericmunro
Requested by: Host: www.essencesuites.com
URL: https://www.essencesuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7599974fb2f6d9e0b65dd7a6f7f53aceaff9c492aedf820191a435301606a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
etag: "1681400534189"
age: 212228
via: 1.1 *.vizlly.com
cf-ray: 8d7e4eea2a69972e-FRA
expires: Fri, 01 Nov 2024 01:07:11 GMT
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 1 KB
578 B 64ms
32ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin%20Sans

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7226ae94f7215c78362cc0ed7aef65388d709ed19d497cb892e15bcacb775e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 01:07:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:07:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 25 Oct 2024 00:47:01 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: gzip
age: 6056
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 01:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 23:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET lM8ZGKo
imgur.com/ 0
0

GET
H2 200 widget.js Show response
accessibilityserver.org/ 2 KB
2 KB 152ms
48ms Script
application/javascript 52.85.65.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: www.essencesuites.com
URL: https://www.essencesuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.65.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-65-50.muc50.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 3c0faea87355d48c0de219be6d89c5b77b1132b833891939066d5530955c8a73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"0a856e947935c2a666842623316021f0"
age: 2291
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: Hit from cloudfront
x-amz-cf-id: q8VsrTkpsRUOMe56BlUzCEr3C04qpCEy15nL0Yl_5bAHGvBF9QEkSw==
date: Fri, 25 Oct 2024 00:35:09 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 09:14:42 GMT
x-77-nzt-ray: 4c156224c1c772cfea321a67f40c2524
vary: Accept-Encoding
x-77-nzt: EgwBw7WqEQH3uAQAAAwBnJIhHwG3IwAAAA
cache-control: max-age=3600, public
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront), 1.1 2f720540a1a9a4394a2f93dffd5c0e5c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1208
x-amz-cf-pop: FRA56-P10, MUC50-P6
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 82ms
26ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4411, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 0HV467Lg9y53FEqpFJT/vVfJPrs1EKYNO9s1OlgmAa851tsoGY4LfiTxljht5u7CpiES6lvBt0BpHhNQOQAMIw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa1939d4dc6a305ed3e90b82ec202c4cbe8153fc5f900e03d43b8a0793593348

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 104c8b108c24cf791c82f71f4150093bbe356fc5d2078b2e257ff6eac4bdc385

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 654 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb332e2f9ce604f46c2c183a442d4ec43de3843d4ec70790b746eabd56dde20a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 749 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5949a4a7e47aa5b63bea78046d0854c98a1dd0648c3f7c933a6f342341284493

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 851 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20795d1f6f78735bb795abd53dc25186805e3b59abecdb86df22af8a13ade31b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 544bb7f4f7780d0f8a50e334103022a405e5d84d08b6f4657fe8094a472e8ca2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbc00f1a90bb42beab332b26d420e3acd3e687b61259a7483ebd6dee9080b7d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b885ace9168c924de23c60edfdaa962b6a29b8e7253ef03eda074ebd7528a1d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95df679554aec13b22b5f35d8530bd7191844fb182ea9e4e0e47eef71f2bc28c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3a752cde3a76012b19d2d3121cd8c79cabaeca19c69566943c4ec1f3bdaa88e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 896 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50882353f8ed7f224112a1741508ae14d0d4f1dff2762f4eb1820f9ec2cf0af0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0bf73492d81e49e2972cddeb1498b7add3c14dbf4422bab8111adc1486c3119

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 vizlly-icon.png
www.essencesuites.com/assets/images/ 476 B
568 B 33ms
33ms Image
image/png 2606:4700::6811:e4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.essencesuites.com/assets/images/vizlly-icon.png
Requested by: Host: www.essencesuites.com
URL: https://www.essencesuites.com/munro/generic/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 354e9ad01475902967f9e75efdcbcb9465807ce3abbe0f2a6cc7efd0a578037f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/munro/generic/styles.css

Response headers

cache-control: public, max-age=604800
cf-cache-status: HIT
etag: "1681400534189"
age: 583708
via: 1.1 *.vizlly.com
cf-ray: 8d7e4eea3a79972e-FRA
expires: Fri, 01 Nov 2024 01:07:11 GMT
accept-ranges: bytes
content-length: 476
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: image/png; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v19/ 15 KB
15 KB 68ms
33ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v19/wlp_gwjKBV1pqhv43IE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://fonts.googleapis.com/

Response headers

age: 202877
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:45:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:45:54 GMT
last-modified: Thu, 21 Apr 2022 17:05:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14880
x-xss-protection: 0
server: sffe

GET
H3 200 Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v32/ 12 KB
12 KB 64ms
28ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v32/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin%20Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

24a6ddc71f3d94fd9bcd29b7540b49f299a1ca78986464aeb47291fdea955e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://fonts.googleapis.com/

Response headers

age: 203829
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:30:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:30:02 GMT
last-modified: Thu, 24 Aug 2023 20:50:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12388
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ 7 KB
928 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Pathway+Gothic+One|Roboto:400,500,700

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a39bdcf597775245e2d9f02f0253074cff2218a32ec9c1625af041b5a9a648c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 01:07:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 25 Oct 2024 01:07:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
438 B 36ms
35ms XHR
text/plain 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1166610030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.essencesuites.com%2F&ul=de-de&de=UTF-8&dt=Welcome%20%7C%20Essence%20Suites%20Hotel%20Orland%20Park%20-%20Official%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2120168413&gjid=1587328970&cid=700743642.1729818431&tid=UA-91001793-38&_gid=1533903049.1729818431&_r=1&_slc=1&z=369388039

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aea1b535d08e644d2339a709dca6977b5bae483107463e7f5895c74a6e64a1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.essencesuites.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:07:11 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.essencesuites.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 244988357924060 Show response
connect.facebook.net/signals/config/ 78 KB
15 KB 243ms
243ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/244988357924060?v=2.9.174&r=stable&domain=www.essencesuites.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

ec3db31e20f8ce5ab45db728e9b8d090ce0dd84f013344675c3ff00b8c7684b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=75, mss=1232, tbw=68462, tp=65, tpl=0, uplat=221, ullat=0
pragma: public
x-fb-debug: aHFPdNc2pIfii9bqViEo+KNZTMIO+Rt5nTtgpaZl3VaIczyp79dW8XfsrZUXlrEQS9YIVY1UDwgSLa858qVThQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
96 KB 94ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8KLHF53327&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41bef6fc30b795d491d3791a85503e9316cffec9b56096d72a2f5812772df361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 25 Oct 2024 01:07:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97224
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 widget_app_base_1729588264776.js Show response
cdn.userway.org/widgetapp/2024-10-22-09-11-04/ 128 KB
40 KB 73ms
21ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7b9c4d1ebaf6673a72bb1f5993520ceba487e07598878bb34a1c9e70dbc67ac3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"ac19750fbb7947a0417641225a1908ca"
age: 367
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: nifnpiSNgHnksbgUI_KQEMaRbXfsaOWyYlQrDostRsxPnlNRDapS6Q==
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 09:14:29 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b02131c5e140a73fef1a6750d94a10
x-77-nzt: EgwBw7WvJwH3O4ADAAwBisclxAG3IwAAAA
cache-control: max-age=25920000, public
via: 1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229435
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

POST
H2 200 AIqc69Giyl Show response
api.userway.org/api/tunings/ 2 KB
2 KB 798ms
416ms XHR
application/json 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/AIqc69Giyl
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: afbd540e561be771aea30d21cd5e5fa94b37a3c2a1736411362218017c381ce3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usr6f2ae4b01be0403
etag: W/"772-RTNrwBHhA+XOHc5V7c7iONZwhVY"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 1906
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 77ms
28ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8KLHF53327&gtm=45je4al0v9111035816za200&_p=1729818431187&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101823848~101925629&ul=de-de&sr=1600x1200&cid=700743642.1729818431&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.essencesuites.com%2F&dt=Welcome%20%7C%20Essence%20Suites%20Hotel%20Orland%20Park%20-%20Official%20Website&sid=1729818431&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4130
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8KLHF53327&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.essencesuites.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 75ms
28ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=244988357924060&ev=Lead&dl=https%3A%2F%2Fwww.essencesuites.com%2F&rl=&if=false&ts=1729818431436&sw=1600&sh=1200&v=2.9.174&r=stable&ec=1&o=4126&fbp=fb.1.1729818431434.749317860508222581&cs_est=true&est_source=604495024883307&ler=empty&cdl=API_unavailable&it=1729818431176&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2993, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 255ms
208ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=244988357924060&ev=Lead&dl=https%3A%2F%2Fwww.essencesuites.com%2F&rl=&if=false&ts=1729818431436&sw=1600&sh=1200&v=2.9.174&r=stable&ec=1&o=4126&fbp=fb.1.1729818431434.749317860508222581&cs_est=true&est_source=604495024883307&ler=empty&cdl=API_unavailable&it=1729818431176&coo=false&es=automatic&tm=3&rqm=FGET

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429513591017920255"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: G4NhaVa/sQ4jQQq9dkUjXUk61TUZ9//m9odthoK0Gy9DhL6wTROVg7un951ud5lq5Snh3iCKairT9SpZD1APdg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429513591017920255", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=17, mss=1297, tbw=3414, tp=-1, tpl=-1, uplat=182, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 75ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=244988357924060&ev=PageView&dl=https%3A%2F%2Fwww.essencesuites.com%2F&rl=&if=false&ts=1729818431437&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1729818431434.749317860508222581&cs_est=true&ler=empty&cdl=API_unavailable&it=1729818431176&coo=false&rqm=GET

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2993, tp=-1, tpl=-1, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 254ms
208ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=244988357924060&ev=PageView&dl=https%3A%2F%2Fwww.essencesuites.com%2F&rl=&if=false&ts=1729818431437&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1729818431434.749317860508222581&cs_est=true&ler=empty&cdl=API_unavailable&it=1729818431176&coo=false&rqm=FGET

Requested by

Host: www.essencesuites.com
URL: https://www.essencesuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429513590986276784"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: rKeK26gcnfg/indcJ/6kDjH8ndrfn0G/VZzhp8bkrJHdFrj1B1RLWDntLMIAJoX/EmRlGcJ/dxcx1Oc+5FuCtw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429513590986276784", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=17, mss=1297, tbw=6210, tp=-1, tpl=-1, uplat=183, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
DATA 200
OK truncated
/ 496 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9901e87f893ad7cb3c06fb1dd6b83525b7033424e5450e4b4bf1da53759b188

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 444 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23f052693b9047ad13a1e449926af32261885857cf739fd532643b28d0e84586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET lM8ZGKo.png
i.imgur.com/ 0
0

GET
H2 200 favicon.ico
www.essencesuites.com/assets/images/generic/ 1 KB
588 B 31ms
31ms Other
image/x-icon 2606:4700::6811:e4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.essencesuites.com/assets/images/generic/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8484145038b84eff3f7c497f753b13b6f908e270dc1063deaf1d368f929df52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1681400534189"
age: 443656
via: 1.1 *.vizlly.com
cf-ray: 8d7e4eee6c5a972e-FRA
expires: Fri, 01 Nov 2024 01:07:11 GMT
date: Fri, 25 Oct 2024 01:07:11 GMT
content-type: image/x-icon; charset=UTF-8
last-modified: Thu, 13 Apr 2023 15:42:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK framework.js Show response
dmp.leonardocloud.com/player/hyperion/framework/ 145 KB
46 KB 493ms
170ms Script
application/javascript 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/framework/framework.js?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/dmp/player/loader/33795

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

257869f0c48f8ec2930d3a837572015d947231363197b4783d8029253eb1a90d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "24258-5873873b95f40-gzip"
Expires: Fri, 01 Nov 2024 01:04:29 GMT
Date: Fri, 25 Oct 2024 01:04:29 GMT
Last-Modified: Tue, 23 Apr 2019 20:30:13 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 46338
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-10-22-09-11-04/locales/ 607 B
944 B 23ms
23ms XHR
application/json 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 359
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: HXi6XWeQyOKMeeRpFivXxjkmBc-zpoyZW7DhfSqlx17hTT-TlT3HBw==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: application/json
last-modified: Tue, 22 Oct 2024 09:14:28 GMT
x-77-nzt-ray: 25b02131c5e140a740ef1a6735e5f608
vary: Accept-Encoding
x-77-nzt: EgwBw7WvJwH3N4ADAAwBw7WvBgG3KAAAAA
cache-control: max-age=25920000, public
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229431
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK theme.html.js Show response
dmp.leonardocloud.com/player/hyperion/apps/gallery/themes/preston/ 114 KB
32 KB 514ms
179ms Script
application/javascript 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/apps/gallery/themes/preston/theme.html.js?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/dmp/player/loader/33795

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

60c0af5ff1a8f1db780afb29e08b2131d351085a9a8c0c379b4edf9e98b9b958

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "1c6b3-5873879352e40-gzip"
Expires: Fri, 01 Nov 2024 01:05:36 GMT
Date: Fri, 25 Oct 2024 01:05:36 GMT
Last-Modified: Tue, 23 Apr 2019 20:31:45 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 32080
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK theme.html.js Show response
dmp.leonardocloud.com/player/hyperion/apps/booking/themes/clarkson/ 47 KB
17 KB 514ms
174ms Script
application/javascript 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/apps/booking/themes/clarkson/theme.html.js?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/dmp/player/loader/33795

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

951431834282ec2480296e922c183e74b840254c2da6e4dd63f5ef3280738999

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "bb5f-5873873d7e3c0-gzip"
Expires: Fri, 01 Nov 2024 01:04:29 GMT
Date: Fri, 25 Oct 2024 01:04:29 GMT
Last-Modified: Tue, 23 Apr 2019 20:30:15 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 16606
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H2 200 remediation_1729588264776.js Show response
cdn.userway.org/widgetapp/2024-10-22-09-11-04/remediation/ 94 KB
27 KB 34ms
34ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/remediation/remediation_1729588264776.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 76911c09be1d18e11fa1cbb3029d9daf4f6692823c2eca10ac22fb4ac9a6e33b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"be8d99dd0bdaf48663f3c7d681daf509"
age: 354
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: BiUZ4rRiGFfmHGEPNgwanOj0-Z2-n3p6JwkanhTWvBPnTghG4N46hg==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 09:14:29 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b02131c5e140a740ef1a673e7f3727
x-77-nzt: EgwBw7WvJwH3OoADAAwBw7WvAgG3JAAAAA
cache-control: max-age=25920000, public
via: 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229434
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 SlXTzVeyNSS0ZDL8.json Show response
cdn.userway.org/remediations/consolidated/1490271/ 9 KB
2 KB 38ms
38ms XHR
application/json 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1490271/SlXTzVeyNSS0ZDL8.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 796f63daec56cf77b30a09a95a9180bb3328cf941b4e4d52a100201c7a6a757e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"4b358b7e4b2643a3ad26eff36b527c26"
age: 167
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: M4-by-JJokSyHTUO5wcKnJXEED7hBSb1D0bvDfuIIG05wk6pq0Aceg==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: application/json
last-modified: Sat, 05 Oct 2024 05:28:35 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b02131c5e140a740ef1a6717b63427
x-77-nzt: EwgBw7WvJwFBDAGKxyXEAZer/gIADAGckjvfAbcjfQAA
cache-control: public, max-age=31536000
via: 1.1 3b596e6534b28f6cf60d32fc6bf542dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 196267
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-10-22-09-11-04/ 30 KB
5 KB 82ms
27ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-10-22-09-11-04/widget_base.css?v=1729588264776
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"fa9ef3811ff36e9e81b054c454f9365f"
age: 365
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: RNdH6Qx_y9QH12as5xYU0G4VBI8i8NTlhcmcKjOJk501Ql3eGyfEMQ==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 09:13:51 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b0213108f6cab940ef1a67404e6b2a
x-77-nzt: EgwBw7WvJwH3O4ADAAwBnJIhJwG3IwAAAA
cache-control: max-age=864000, public
via: 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229435
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-10-22-09-11-04/paid/ 69 KB
25 KB 31ms
31ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d06579d579776e51bd9ced4f15860023d90c55e875d722899e2f72b0214d5138

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"12d9fa0ee5a0723fe3499fb53b3f11fc"
age: 353
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: bHrtRpk6-VNJlwztuQ7BvJnSHO0ElRJnUFUgIuzXA8A0NIL7bq95KA==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 09:14:39 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b02131c5e140a740ef1a678ca9c329
x-77-nzt: EgwBw7WvJwH3OoADAAwBw7WvAgG3JAAAAA
cache-control: max-age=25920000, public
via: 1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229434
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 SlXTzVeyNSS0ZDL8.json Show response
cdn.userway.org/remediations/consolidated/1490271/ 9 KB
0 0ms
0ms Fetch
application/json 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1490271/SlXTzVeyNSS0ZDL8.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 796f63daec56cf77b30a09a95a9180bb3328cf941b4e4d52a100201c7a6a757e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"4b358b7e4b2643a3ad26eff36b527c26"
age: 167
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: M4-by-JJokSyHTUO5wcKnJXEED7hBSb1D0bvDfuIIG05wk6pq0Aceg==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: application/json
last-modified: Sat, 05 Oct 2024 05:28:35 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b02131c5e140a740ef1a6717b63427
x-77-nzt: EwgBw7WvJwFBDAGKxyXEAZer/gIADAGckjvfAbcjfQAA
cache-control: public, max-age=31536000
via: 1.1 3b596e6534b28f6cf60d32fc6bf542dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 196267
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 29ms
29ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 9zy1hbEopxS5-T_or55dmle4I_5Af0AjmgsbFoiuEvpDPXcD7tDQ5Q==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: image/svg+xml
x-77-nzt-ray: 25b0213108f6cab940ef1a677b2ed42c
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 09:14:30 GMT
x-77-nzt: EgwBw7WvJwH3PIADAAwBisclxAG3IwAAAA
cache-control: max-age=25920000, public
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229436
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: EhzO4wsaYRktEmlDvezS8QQsaf2a0LGCaJ7eoW5N3fYPHs7fGW8MCg==
date: Fri, 25 Oct 2024 01:07:12 GMT
content-type: image/svg+xml
x-77-nzt-ray: 25b0213108f6cab940ef1a67491fd72c
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 09:14:31 GMT
x-77-nzt: EgwBw7WvJwH3PIADAAwBnJIhJwG3IwAAAA
cache-control: max-age=25920000, public
via: 1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229436
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET fb07421f-d982-4a56-ac91-b96db173cdad_jp.jpg
muc.leonardocloud.com/cdms/vmm3files/ 0
0

GET
H/1.1 200
OK theme.html.css
dmp.leonardocloud.com/player/hyperion/apps/gallery/themes/preston/ 39 KB
9 KB 496ms
168ms Stylesheet
text/css 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/apps/gallery/themes/preston/theme.html.css?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/player/hyperion/framework/framework.js?v=25

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

9b13254947fa89ca71d54d87203a7a36ae89c35a5692a30ba60e2dbcfd1bf0c0

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "9a24-5873881ca7240-gzip"
Expires: Fri, 01 Nov 2024 01:04:30 GMT
Date: Fri, 25 Oct 2024 01:04:30 GMT
Last-Modified: Tue, 23 Apr 2019 20:34:09 GMT
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 8684
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK theme.html.css
dmp.leonardocloud.com/player/hyperion/apps/booking/themes/clarkson/ 7 KB
2 KB 498ms
168ms Stylesheet
text/css 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/apps/booking/themes/clarkson/theme.html.css?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/player/hyperion/framework/framework.js?v=25

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

937d4e44582066f0e8ca6d4805983d8dcb87c3fcc1b3439376c7682aa90e5555

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "1bc0-5873881bb3000-gzip"
Expires: Fri, 01 Nov 2024 01:04:30 GMT
Date: Fri, 25 Oct 2024 01:04:30 GMT
Last-Modified: Tue, 23 Apr 2019 20:34:08 GMT
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 1273
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK mediaplayer.html.js Show response
dmp.leonardocloud.com/player/hyperion/modules/media/themes/preston/ 60 KB
15 KB 502ms
171ms Script
application/javascript 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/modules/media/themes/preston/mediaplayer.html.js?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/dmp/player/loader/33795

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

1d43043e0c62e735bae359f8e2a998bed94ffe7b3f70f54846c33a7f5d0f3bbf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "f05b-587387f775a80-gzip"
Expires: Fri, 01 Nov 2024 01:05:37 GMT
Date: Fri, 25 Oct 2024 01:05:37 GMT
Last-Modified: Tue, 23 Apr 2019 20:33:30 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 14523
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H2 200 nav_menu_helper_1729588264776.js Show response
cdn.userway.org/widgetapp/2024-10-22-09-11-04/remediation/ 23 KB
7 KB 29ms
28ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/remediation/nav_menu_helper_1729588264776.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"d5babf1f477d0f7bf4044b0693b956d9"
age: 201
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: Cki5KeHeaIYW5MkYp2_JD7utVvzGym1pbT5k70__R5gDxrMH0MCF1w==
date: Fri, 25 Oct 2024 01:07:13 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 09:14:29 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b02131c5e140a741ef1a672a00df2a
x-77-nzt: EgwBw7WvJwH3OIADAAwB1GY4EQG3vgAAAA
cache-control: max-age=25920000, public
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229432
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 css
fonts.googleapis.com/ 863 B
424 B 41ms
41ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Pathway+Gothic+One

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/player/hyperion/apps/gallery/themes/preston/theme.html.css?v=25

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

f0316fd912bb303a7576401cbbe9f3fa5dc3d4d3a08e6f1300db3f117f9a57a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 01:07:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:07:13 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 25 Oct 2024 01:07:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK theme.html.js Show response
dmp.leonardocloud.com/player/hyperion/modules/booking/themes/clarkson/ 103 KB
24 KB 652ms
177ms Script
application/javascript 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/modules/booking/themes/clarkson/theme.html.js?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/dmp/player/loader/33795

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

1111ce62203171988e5de74c565357d586ac6d42fd55ac49466079a62eb4c07c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "19c4c-587387d520980-gzip"
Expires: Fri, 01 Nov 2024 01:04:31 GMT
Date: Fri, 25 Oct 2024 01:04:31 GMT
Last-Modified: Tue, 23 Apr 2019 20:32:54 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 24016
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK mediaplayer.html.css
dmp.leonardocloud.com/player/hyperion/modules/media/themes/preston/ 33 KB
8 KB 368ms
172ms Stylesheet
text/css 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/modules/media/themes/preston/mediaplayer.html.css?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/player/hyperion/framework/framework.js?v=25

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

9a9f77ef83e13d03cb8dd7ee7e225b0805da1de7b2476100820c29db4d51671b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "839b-5873881ca7240-gzip"
Expires: Fri, 01 Nov 2024 01:05:37 GMT
Date: Fri, 25 Oct 2024 01:05:37 GMT
Last-Modified: Tue, 23 Apr 2019 20:34:09 GMT
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 7596
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/ 260 B
739 B 31ms
31ms Fetch
application/json 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F4%2F0%2F81%2F391%2F488%2Fessence_F.jpg%22%2C%22alt%22%3A%22Essence%20Suites%20Hotel%20Orland%20Park%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.essencesuites.com%2F%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f499fe56ce919568ce47166439d8519341f8a6a9d6b1616bc0f2387264e56dbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"104-AuJmUpVJcaik+g1FHi7qtacoBbU"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
date: Fri, 25 Oct 2024 01:07:14 GMT
content-type: application/json; charset=utf-8
x-77-nzt-ray: 15b3c711d04c365042ef1a678d25f833
vary: Accept-Encoding
access-control-allow-headers: *
x-77-nzt: EwgBqZb/tgFBDAGKxyXEAZdCigEADAG5O98UAbdXFQYA
cache-control: max-age=604800
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 100930
x-service-version: img-dscr-srv-a922622f
server: CDN77-Turbo

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/ 0
0 608ms
493ms Preflight 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F4%2F0%2F81%2F391%2F488%2Fessence_F.jpg%22%2C%22alt%22%3A%22Essence%20Suites%20Hotel%20Orland%20Park%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.essencesuites.com%2F%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.essencesuites.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Fri, 25 Oct 2024 01:07:14 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBqZb/tgAACAGKxyXEAAA
x-77-nzt-ray: 15b3c711d04c365042ef1a677d6c7216
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-0bfa9e8b

GET
H/1.1 200 33795 Show response
dmp.leonardocloud.com/dmp/player/data/ 35 KB
6 KB 835ms
177ms Script
application/json 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/dmp/player/data/33795?locale=en&callback=jQuery1113007144887244036857_1729818431045&_=1729818431046

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

90e1f31efc7a163e3b3b3f5c596f6ef4cf1b443b6149d21f1c47d40690ae9c1b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
lwc-service-exec-time: 0
Date: Fri, 25 Oct 2024 01:04:31 GMT
lwc-exec-time: 2
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection: close
Referrer-Policy: no-referrer
Access-Control-Allow-Origin: https://apps.vizlly.com
X-Application-Context: application
X-Xss-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK theme.html.css
dmp.leonardocloud.com/player/hyperion/modules/booking/themes/clarkson/ 55 KB
8 KB 204ms
174ms Stylesheet
text/css 148.51.205.235
IMDC-AS12025

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.leonardocloud.com/player/hyperion/modules/booking/themes/clarkson/theme.html.css?v=25

Requested by

Host: dmp.leonardocloud.com
URL: https://dmp.leonardocloud.com/player/hyperion/framework/framework.js?v=25

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.51.205.235 Kings Mountain, United States, ASN12025 (IMDC-AS12025, US),

Reverse DNS

Software

Apache /

Resource Hash

6ae2622d17b10db9ffc39286026f55423807db48fc60ae20943bc7ec81b04605

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

Content-Encoding: gzip
ETag: "dbaf-5873881ca7240-gzip"
Expires: Fri, 01 Nov 2024 01:05:38 GMT
Date: Fri, 25 Oct 2024 01:05:38 GMT
Last-Modified: Tue, 23 Apr 2019 20:34:09 GMT
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Cache-Control: max-age=604800
Connection: close
Referrer-Policy: no-referrer
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://apps.vizlly.com
Content-Length: 7180
X-Xss-Protection: 1; mode=block
Server: Apache

GET
DATA 200
OK truncated
/ 884 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e2ee501ae7351adeb66068fadfef711b7b4d3de406b50febf3eeb1a6a168b04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 1490271 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 193ms
192ms Fetch
application/json 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/1490271
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 51
date: Fri, 25 Oct 2024 01:07:14 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 1490271 Show response
api.userway.org/api/br-links/v0/links/ 464 B
832 B 195ms
194ms Fetch
application/json 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/1490271
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8c31a5bc81d070f0d38f78b82ccbf8a2e11f0893f6fb0c159faf5128371c8db8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
etag: W/"1d0-+JUilDcSrKSwH++e0bMoO2UgRSU"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 464
date: Fri, 25 Oct 2024 01:07:14 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H3 200 MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
fonts.gstatic.com/s/pathwaygothicone/v15/ 14 KB
14 KB 31ms
31ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pathwaygothicone/v15/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Pathway+Gothic+One|Roboto:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

021641f5d569e5139c323e6b304146005220ffb45dfc9381ea010324f729c8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://fonts.googleapis.com/

Response headers

age: 204399
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:20:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:20:36 GMT
last-modified: Thu, 27 Apr 2023 00:01:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13968
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK Essence_Essence-1561_R.jpg
d1dzqwexhp5ztx.cloudfront.net/imageRepo/3/0/73/147/276/ 149 KB
150 KB 561ms
561ms Image
image/jpeg 54.230.228.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dzqwexhp5ztx.cloudfront.net/imageRepo/3/0/73/147/276/Essence_Essence-1561_R.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-102.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4305fc086503c83c08d764d77b83009f876f713b632249274489836f2cac0562

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

ETag: "4cdab0ec39c8bdda4b4c6a8c471036ea"
x-amz-version-id: null
Connection: keep-alive
Via: 1.1 f9e65f6efaf09565a6c3bbb6d064bfca.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Miss from cloudfront
Content-Length: 153033
X-Amz-Cf-Id: KEWFaCiOC-3QdqV-yaCcwjhWElojWc5ifmm2W0bcaPSWehJV78QMEA==
Date: Fri, 25 Oct 2024 01:07:16 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 29 Mar 2016 16:21:15 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P5

GET
H/1.1 200
OK ESChampagneGlassesEdited_S.jpg
d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/935/139/ 363 KB
364 KB 608ms
535ms Image
image/jpeg 54.230.228.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/935/139/ESChampagneGlassesEdited_S.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-102.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 545747503fdb3f888e9bafa66edb66ed8cc95f87ea4a21b5aa4de3cac79793f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

ETag: "256785e9c111dc4863eed07b28381d04"
x-amz-version-id: null
Connection: keep-alive
Via: 1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Miss from cloudfront
Content-Length: 372134
X-Amz-Cf-Id: SKM4Y4t25-_rTZP_BCPdLRv7JElrOKMlXibQ9RFMiWgKhoLpz5RChw==
Date: Fri, 25 Oct 2024 01:07:16 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 25 Apr 2017 20:01:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P5

GET
H/1.1 200
OK 5EssenceSuiteSite_S.jpg
d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/939/245/ 461 KB
461 KB 641ms
566ms Image
image/jpeg 54.230.228.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/939/245/5EssenceSuiteSite_S.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-102.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f139724942073b3421017549c3d931e8e334555dbe4f42c4f3120b6afd2a90d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

ETag: "9f2f25ce6fdc51faf6935dfbca927fdb"
x-amz-version-id: null
Connection: keep-alive
Via: 1.1 b10eef4dff0375003ae9795596a9615c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Miss from cloudfront
Content-Length: 472095
X-Amz-Cf-Id: akm_u8SYuSWYLOSoBZICQ3z5mW4TCDqDxf3NJYMDDtwi1pNCMNPWIA==
Date: Fri, 25 Oct 2024 01:07:16 GMT
Content-Type: image/jpeg
Last-Modified: Wed, 26 Apr 2017 05:30:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P5

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/ 700 B
795 B 40ms
39ms Fetch
application/json 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F3%2F0%2F73%2F147%2F276%2FEssence_Essence-1561_R.jpg%22%2C%22alt%22%3A%22Essence%20Suite%20Bath%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F4%2F0%2F81%2F935%2F139%2FESChampagneGlassesEdited_S.jpg%22%2C%22alt%22%3A%22Essence%20Champagne%20Glasses%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F4%2F0%2F81%2F939%2F245%2F5EssenceSuiteSite_S.jpg%22%2C%22alt%22%3A%22Essence%20Suite%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.essencesuites.com%2F%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b18b73e859865437d3d71a5af2093c6873e04d047988ce78415fcb1f9b4eabc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"2bc-hG4MXyzL6l9L6xPmGGhPbbe1MLU"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
date: Fri, 25 Oct 2024 01:07:17 GMT
content-type: application/json; charset=utf-8
x-77-nzt-ray: 15b3c711d04c365045ef1a671d74aa18
vary: Accept-Encoding
access-control-allow-headers: *
x-77-nzt: EggBqZb/tgFBDAHUZjgRAZepzggA
cache-control: max-age=604800
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 577193
x-service-version: img-dscr-srv-a922622f
server: CDN77-Turbo

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/ 0
0 194ms
194ms Preflight 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/AIqc69Giyl/1490271/JQ1RFjc4uxUJtcHM/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F3%2F0%2F73%2F147%2F276%2FEssence_Essence-1561_R.jpg%22%2C%22alt%22%3A%22Essence%20Suite%20Bath%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F4%2F0%2F81%2F935%2F139%2FESChampagneGlassesEdited_S.jpg%22%2C%22alt%22%3A%22Essence%20Champagne%20Glasses%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd1dzqwexhp5ztx.cloudfront.net%2FimageRepo%2F4%2F0%2F81%2F939%2F245%2F5EssenceSuiteSite_S.jpg%22%2C%22alt%22%3A%22Essence%20Suite%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.essencesuites.com%2F%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.essencesuites.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Fri, 25 Oct 2024 01:07:17 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBqZb/tgAACAHUZjgRAAA
x-77-nzt-ray: 15b3c711d04c365045ef1a6704a3200d
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-0bfa9e8b

GET
H2 200 1490271 Show response
api.userway.org/api/br-links/v0/links/ 464 B
0 0ms
0ms Fetch
application/json 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/1490271
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8c31a5bc81d070f0d38f78b82ccbf8a2e11f0893f6fb0c159faf5128371c8db8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
etag: W/"1d0-+JUilDcSrKSwH++e0bMoO2UgRSU"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 464
date: Fri, 25 Oct 2024 01:07:14 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.essencesuites.com%2F/DESKTOP/WIDGET_ON/ 77 B
454 B 208ms
207ms Fetch
application/json 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.essencesuites.com%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 77
date: Fri, 25 Oct 2024 01:07:17 GMT
content-type: application/json; charset=utf-8
x-service-version: seo-w-eb3c4543
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 scan_1729588264776.js Show response
cdn.userway.org/widgetapp/2024-10-22-09-11-04/scan/ 53 KB
14 KB 28ms
28ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/scan/scan_1729588264776.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f1e24250e119793be1a0642d204a3e1dff9ca8b6650532297df5ecce5e17d3e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.essencesuites.com
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"12363ee5379336f410d063524560ab7a"
age: 356
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: dh2hsZXEWHbOR2R3SLCcpBfPmAYz_XCQ_O9vzasqBvmL8FtC2f1npw==
date: Fri, 25 Oct 2024 01:07:17 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 09:14:29 GMT
vary: Accept-Encoding
x-77-nzt-ray: 25b02131c5e140a745ef1a67f4019039
x-77-nzt: EgwBw7WvJwH3CoADAAwBisclxAG3VAAAAA
cache-control: max-age=25920000, public
via: 1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 229386
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

PUT
H2 200 contrib Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.essencesuites.com%2F/DESKTOP/ 77 B
454 B 241ms
223ms XHR
application/json 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.essencesuites.com%2F/DESKTOP/contrib
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-22-09-11-04/widget_app_base_1729588264776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 77
date: Fri, 25 Oct 2024 01:07:18 GMT
content-type: application/json; charset=utf-8
x-service-version: seo-w-eb3c4543
vary: Accept-Encoding
access-control-allow-headers: *

OPTIONS
H2 200 contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.essencesuites.com%2F/DESKTOP/ 0
0 192ms
192ms Preflight 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.essencesuites.com%2F/DESKTOP/contrib
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://www.essencesuites.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Fri, 25 Oct 2024 01:07:18 GMT
x-service-version: seo-w-eb3c4543

GET
H2 200 1490271 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 192ms
191ms Fetch
application/json 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/1490271
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-22-09-11-04/paid/remediation-tool.js?ts=1729588264776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 51
date: Fri, 25 Oct 2024 01:07:18 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H/1.1 200
OK ES-1-27_S.jpg
d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/935/330/ 316 KB
317 KB 437ms
437ms Image
image/jpeg 54.230.228.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dzqwexhp5ztx.cloudfront.net/imageRepo/4/0/81/935/330/ES-1-27_S.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-102.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd16589c59fa468394662d2158f0d5ffdf838412b6b280ae961f037de79789f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.essencesuites.com/

Response headers

x-amz-version-id: null
ETag: "f86dc22f34262ca70dca17db8550332b"
Connection: keep-alive
Via: 1.1 b10eef4dff0375003ae9795596a9615c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: RefreshHit from cloudfront
Content-Length: 324073
X-Amz-Cf-Id: i0xP4XObZIXifYxlDZr-Pn9UWDP3nA24SzKGBpOhVvxSysQ7hjjvsQ==
Date: Fri, 25 Oct 2024 01:07:24 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 25 Apr 2017 20:25:21 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: muc.leonardocloud.com
URL: https://muc.leonardocloud.com/cdms/vmm3files/fb07421f-d982-4a56-ac91-b96db173cdad_jp.jpg

Domain: imgur.com
URL: http://imgur.com/lM8ZGKo

Domain: i.imgur.com
URL: http://i.imgur.com/lM8ZGKo.png

Domain: muc.leonardocloud.com
URL: https://muc.leonardocloud.com/cdms/vmm3files/fb07421f-d982-4a56-ac91-b96db173cdad_jp.jpg

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.essencesuites.com/	1970-01-21 00:30:22	Name: NINJA_SESSION Value: 7f82cac8339886977b9167842b0a3007836c78ad-___ID=bd649c4a-1de5-42cf-8bcb-124d3d3c8b1d&___TS=1729818430714
.essencesuites.com/	1970-01-21 10:06:18	Name: _ga Value: GA1.2.700743642.1729818431
.essencesuites.com/	1970-01-21 00:31:44	Name: _gid Value: GA1.2.1533903049.1729818431
.essencesuites.com/	1970-01-21 00:30:18	Name: _gat Value: 1
.essencesuites.com/	1970-01-21 10:06:18	Name: _ga_8KLHF53327 Value: GS1.2.1729818431.1.0.1729818431.0.0.0
.essencesuites.com/	1970-01-21 02:39:54	Name: _fbp Value: fb.1.1729818431434.749317860508222581

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.essencesuites.com/ Message: Mixed Content: The page at 'https://www.essencesuites.com/' was loaded over HTTPS, but requested an insecure script 'http://imgur.com/lM8ZGKo'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.essencesuites.com/ Message: Mixed Content: The page at 'https://www.essencesuites.com/' was loaded over HTTPS, but requested an insecure favicon 'http://i.imgur.com/lM8ZGKo.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
api.userway.org
cdn.userway.org
cdn77.api.userway.org
code.jquery.com
connect.facebook.net
d1dzqwexhp5ztx.cloudfront.net
dmp.leonardocloud.com
essencesuites.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
imgur.com
maxcdn.bootstrapcdn.com
muc.leonardocloud.com
region1.google-analytics.com
www.essencesuites.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
i.imgur.com
imgur.com
muc.leonardocloud.com
104.18.11.207
142.250.184.234
142.250.186.67
148.51.205.235
157.240.0.6
2001:4860:4802:32::36
2600:1f14:5db:eb00:e2c8:ecdb:320b:b7ce
2606:4700::6811:e4d0
2a00:1450:4001:81d::200e
2a00:1450:4001:827::2008
2a00:1450:4001:831::200a
2a02:6ea0:c700::11
2a02:6ea0:c700::112
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::649
52.85.65.50
54.230.228.102
67.203.23.93
021641f5d569e5139c323e6b304146005220ffb45dfc9381ea010324f729c8d1
104c8b108c24cf791c82f71f4150093bbe356fc5d2078b2e257ff6eac4bdc385
1111ce62203171988e5de74c565357d586ac6d42fd55ac49466079a62eb4c07c
1d43043e0c62e735bae359f8e2a998bed94ffe7b3f70f54846c33a7f5d0f3bbf
20795d1f6f78735bb795abd53dc25186805e3b59abecdb86df22af8a13ade31b
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
23f052693b9047ad13a1e449926af32261885857cf739fd532643b28d0e84586
24a6ddc71f3d94fd9bcd29b7540b49f299a1ca78986464aeb47291fdea955e35
257869f0c48f8ec2930d3a837572015d947231363197b4783d8029253eb1a90d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3229efc2fe9652ae497a93a933f04a18e3216d7af071e922bbb722634573aa7d
354e9ad01475902967f9e75efdcbcb9465807ce3abbe0f2a6cc7efd0a578037f
3a7599974fb2f6d9e0b65dd7a6f7f53aceaff9c492aedf820191a435301606a2
3c0faea87355d48c0de219be6d89c5b77b1132b833891939066d5530955c8a73
41bef6fc30b795d491d3791a85503e9316cffec9b56096d72a2f5812772df361
4305fc086503c83c08d764d77b83009f876f713b632249274489836f2cac0562
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
4e2ee501ae7351adeb66068fadfef711b7b4d3de406b50febf3eeb1a6a168b04
50882353f8ed7f224112a1741508ae14d0d4f1dff2762f4eb1820f9ec2cf0af0
544bb7f4f7780d0f8a50e334103022a405e5d84d08b6f4657fe8094a472e8ca2
545747503fdb3f888e9bafa66edb66ed8cc95f87ea4a21b5aa4de3cac79793f1
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01
5949a4a7e47aa5b63bea78046d0854c98a1dd0648c3f7c933a6f342341284493
60c0af5ff1a8f1db780afb29e08b2131d351085a9a8c0c379b4edf9e98b9b958
6ae2622d17b10db9ffc39286026f55423807db48fc60ae20943bc7ec81b04605
6f3ad2bfff2f527dbe5af4683798def6586fd6ee8472c524d22fb06f680472d0
7226ae94f7215c78362cc0ed7aef65388d709ed19d497cb892e15bcacb775e8b
7535ffc219f973b84022fbdccdd494bff3c83e486688e5d938ab6d539ee35645
76911c09be1d18e11fa1cbb3029d9daf4f6692823c2eca10ac22fb4ac9a6e33b
796f63daec56cf77b30a09a95a9180bb3328cf941b4e4d52a100201c7a6a757e
7b9c4d1ebaf6673a72bb1f5993520ceba487e07598878bb34a1c9e70dbc67ac3
8c31a5bc81d070f0d38f78b82ccbf8a2e11f0893f6fb0c159faf5128371c8db8
90e1f31efc7a163e3b3b3f5c596f6ef4cf1b443b6149d21f1c47d40690ae9c1b
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d
937d4e44582066f0e8ca6d4805983d8dcb87c3fcc1b3439376c7682aa90e5555
951431834282ec2480296e922c183e74b840254c2da6e4dd63f5ef3280738999
95df679554aec13b22b5f35d8530bd7191844fb182ea9e4e0e47eef71f2bc28c
9a9f77ef83e13d03cb8dd7ee7e225b0805da1de7b2476100820c29db4d51671b
9b13254947fa89ca71d54d87203a7a36ae89c35a5692a30ba60e2dbcfd1bf0c0
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a39bdcf597775245e2d9f02f0253074cff2218a32ec9c1625af041b5a9a648c1
a3a752cde3a76012b19d2d3121cd8c79cabaeca19c69566943c4ec1f3bdaa88e
aa1939d4dc6a305ed3e90b82ec202c4cbe8153fc5f900e03d43b8a0793593348
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aea1b535d08e644d2339a709dca6977b5bae483107463e7f5895c74a6e64a1ae
afbd540e561be771aea30d21cd5e5fa94b37a3c2a1736411362218017c381ce3
b18b73e859865437d3d71a5af2093c6873e04d047988ce78415fcb1f9b4eabc2
b885ace9168c924de23c60edfdaa962b6a29b8e7253ef03eda074ebd7528a1d9
bbd56d6469668ddcca62d7ff5c93a7647c991f030814ed92045dd7345d4f0b47
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c8484145038b84eff3f7c497f753b13b6f908e270dc1063deaf1d368f929df52
c90ee1979b62b3b5a8b4b6ebab4a0aaf83c57e3cd6f33d86a64517cc15ad52b6
cbc00f1a90bb42beab332b26d420e3acd3e687b61259a7483ebd6dee9080b7d8
d06579d579776e51bd9ced4f15860023d90c55e875d722899e2f72b0214d5138
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d57059b36a7080407950d5a42e8d09c479ab22faa00aa9b7b473390cd45af23f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
ec3db31e20f8ce5ab45db728e9b8d090ce0dd84f013344675c3ff00b8c7684b7
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f0316fd912bb303a7576401cbbe9f3fa5dc3d4d3a08e6f1300db3f117f9a57a0
f0bf73492d81e49e2972cddeb1498b7add3c14dbf4422bab8111adc1486c3119
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
f139724942073b3421017549c3d931e8e334555dbe4f42c4f3120b6afd2a90d4
f1e24250e119793be1a0642d204a3e1dff9ca8b6650532297df5ecce5e17d3e2
f499fe56ce919568ce47166439d8519341f8a6a9d6b1616bc0f2387264e56dbe
f9901e87f893ad7cb3c06fb1dd6b83525b7033424e5450e4b4bf1da53759b188
fb332e2f9ce604f46c2c183a442d4ec43de3843d4ec70790b746eabd56dde20a
fd16589c59fa468394662d2158f0d5ffdf838412b6b280ae961f037de79789f4

www.essencesuites.com Open in urlscan Pro 2606:4700::6811:e4d0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

94 %HTTPS

56 %IPv6

14 Domains

20 Subdomains

18 IPs

3 Countries

2037 kBTransfer

3690 kBSize

6 Cookies

11 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.essencesuites.com Open in urlscan Pro
2606:4700::6811:e4d0 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

94 %
HTTPS

56 %
IPv6

14
Domains

20
Subdomains

18
IPs

3
Countries

2037 kB
Transfer

3690 kB
Size

6
Cookies

70 HTTP transactions
15 data transactions