Submitted URL: http://hayleysintuitivereadings.ca/
Effective URL: https://hayleysintuitivereadings.ca/
Submission: On May 02 via api from US

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 2606:4700::6811:c349, located in United States and belongs to CLOUDFLARENET, US. The main domain is hayleysintuitivereadings.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2020. Valid for: a year.
This is the only time hayleysintuitivereadings.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 143.204.202.56 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.201.81.77 15169 (GOOGLE)
1 3.216.202.112 14618 (AMAZON-AES)
17 8
Domain Requested by
5 imageprocessor.digital.vistaprint.com hayleysintuitivereadings.ca
4 hayleysintuitivereadings.ca 1 redirects hayleysintuitivereadings.ca
3 fonts.gstatic.com fonts.googleapis.com
2 api.rollbar.com cdnjs.cloudflare.com
1 statscollector.digital.vistaprint.com hayleysintuitivereadings.ca
1 cdnjs.cloudflare.com hayleysintuitivereadings.ca
1 static.websimages.com hayleysintuitivereadings.ca
1 fonts.googleapis.com hayleysintuitivereadings.ca
17 8

This site contains no links.

Subject | Issuer | Validity | Valid
hayleysintuitivereadings.ca | Cloudflare Inc ECC CA-3 | 2020-06-30 - 2021-06-30 | a year
upload.video.google.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
imageprocessor.digital.vistaprint.com | Amazon | 2021-04-25 - 2022-05-24 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-05 - 2021-08-05 | a year
*.gstatic.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
api.rollbar.com | DigiCert SHA2 Secure Server CA | 2020-07-13 - 2022-07-27 | 2 years
statscollector.digital.vistaprint.com | Amazon | 2020-11-20 - 2021-12-19 | a year

This page contains 1 frames:

Primary Page: https://hayleysintuitivereadings.ca/
Frame ID: 8BC4B0AD8776605AD2B74BDBCA20B5A9
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 63 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 5315 kB
Size: 5793 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hayleysintuitivereadings.ca/ HTTP 301
    https://hayleysintuitivereadings.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hayleysintuitivereadings.ca/
Redirect Chain
  • http://hayleysintuitivereadings.ca/
  • https://hayleysintuitivereadings.ca/
81 KB
18 KB
Document
General
Full URL
https://hayleysintuitivereadings.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:c349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bffe79cfb72da3d4bbb643a152f85cecc4825cf100fb0fbf83d44071971a2be3

Request headers

:method
GET
:authority
hayleysintuitivereadings.ca
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 06:02:56 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d7a50e159e8160ca167180172f1809f4d1619935375; expires=Tue, 01-Jun-21 06:02:55 GMT; path=/; domain=.hayleysintuitivereadings.ca; HttpOnly; SameSite=Lax; Secure
content-language
en_us
cache-control
public, s-maxage=43200, max-age=60
cf-cache-status
MISS
cf-request-id
09cd45474500005364e9108000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
648f0b1edeb85364-FRA
content-encoding
gzip

Redirect headers

Date
Sun, 02 May 2021 06:02:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 02 May 2021 07:02:55 GMT
Location
https://hayleysintuitivereadings.ca/
cf-request-id
09cd4547120000d6c18415d000000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
648f0b1e8aa8d6c1-FRA
/
hayleysintuitivereadings.ca/.css/
206 KB
32 KB
Stylesheet
General
Full URL
https://hayleysintuitivereadings.ca/.css/?cacheId=1601511744014
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:c349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b048e6e5e191562aab56ecc489c952f84c2bd07e905559b4f17032aa3dc917

Request headers

:path
/.css/?cacheId=1601511744014
pragma
no-cache
cookie
__cfduid=d7a50e159e8160ca167180172f1809f4d1619935375
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hayleysintuitivereadings.ca
referer
https://hayleysintuitivereadings.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
648f0b281ffc5364-FRA
date
Sun, 02 May 2021 06:02:58 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
etag
W/"339f4-4kM10eBwG421Pt8NTvuAR8Hti8I"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-language
en_us
cache-control
public, s-maxage=43200, max-age=60
content-type
text/css; charset=utf-8
cf-request-id
09cd454d0b00005364c1b3c000000001
/
hayleysintuitivereadings.ca/.js/
250 KB
63 KB
Script
General
Full URL
https://hayleysintuitivereadings.ca/.js/?cacheId=1601511744014&locale=en-US
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:c349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2de68f27eb9c7e02d8d20c70e027f748334f3b36230b332fa39c4a9d78d2e8

Request headers

:path
/.js/?cacheId=1601511744014&locale=en-US
pragma
no-cache
cookie
__cfduid=d7a50e159e8160ca167180172f1809f4d1619935375
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hayleysintuitivereadings.ca
referer
https://hayleysintuitivereadings.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
648f0b281ffd5364-FRA
date
Sun, 02 May 2021 06:02:58 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
etag
W/"3e645-YmE5PZgh6cp7ihOXLfFiy5S/boQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-language
en_us
cache-control
public, s-maxage=43200, max-age=60
content-type
application/javascript; charset=utf-8
cf-request-id
09cd454d1000005364be888000000001
css
fonts.googleapis.com/
7 KB
849 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7acdaa0287af9f38a639ac6868a603c60b47f393cfb5cfbf9242825e13824c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 May 2021 06:02:56 GMT
server
ESF
date
Sun, 02 May 2021 06:02:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 May 2021 06:02:56 GMT
5ba8e769-3da4-4945-aae3-295d81335198
imageprocessor.digital.vistaprint.com/crop/0,0,1876x1612/maxWidth/1000/https://assets.digital.vistaprint.com/production/
148 KB
148 KB
Image
General
Full URL
https://imageprocessor.digital.vistaprint.com/crop/0,0,1876x1612/maxWidth/1000/https://assets.digital.vistaprint.com/production/5ba8e769-3da4-4945-aae3-295d81335198
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-56.fra53.r.cloudfront.net
Software
/ Express
Resource Hash
d367ccce276ab2bfc4c887b6fcdf2f44e393dd680fdd71ccd2b8ba7a134dda13

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 15:37:08 GMT
Via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
Connection
keep-alive
Age
1693550
X-Powered-By
Express
ETag
W/"24e76-xQSIFWYwLTjyG/ebRz4R16pjsZA"
RequestId
f9ca2261-94e6-462d-8b7e-0719e31d4eac
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop
FRA53-C1
Content-Length
151158
X-Amz-Cf-Id
6rNM_nmU50N0MxkA_dBaBSCv9i9TR-w-fK8HUBwJghRU1vOzj4fqKg==
original
imageprocessor.digital.vistaprint.com/crop/102,77,819x614/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/e06d06fd-f112-4633-a195-a3ed7bfa0c4b~110/
121 KB
121 KB
Image
General
Full URL
https://imageprocessor.digital.vistaprint.com/crop/102,77,819x614/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/e06d06fd-f112-4633-a195-a3ed7bfa0c4b~110/original?tenant=vbu-digital
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-56.fra53.r.cloudfront.net
Software
/ Express
Resource Hash
4b1e7fec98a4aea36d889d5b17b7d7e32c93b402296955c122c99944234409f9

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 06:02:58 GMT
Via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Powered-By
Express
ETag
W/"1e325-fmMqWLdI/yJnLCojbUp0HpFPk+Q"
RequestId
a9ab348c-53da-48d5-9e8c-b1b66b0e8648
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, s-maxage=604800,max-age=604800
Connection
keep-alive
Content-Length
123685
X-Amz-Cf-Id
RN4x9SOIvbdEnc9dPHrqa96mP-B_XDQfWYawaG_FnaFAcIUS12o84g==
collector.js
static.websimages.com/active-static/target/stats/
1 KB
1 KB
Script
General
Full URL
https://static.websimages.com/active-static/target/stats/collector.js
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 06:02:58 GMT
content-encoding
br
cf-cache-status
HIT
age
1947000
cf-polished
origSize=1803
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09cd45539400004e9ddd1ef000000001
last-modified
Mon, 15 Feb 2021 20:42:17 GMT
server
cloudflare
etag
W/"70b-5bb660581bc40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=18000
cf-ray
648f0b328b814e9d-FRA
expires
Fri, 09 Apr 2021 22:12:58 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/
69 KB
19 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://hayleysintuitivereadings.ca
Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 06:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
791736
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18862
cf-request-id
09cd45537e0000646d5d097000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-112f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mkJmdcy6YvvSbEQE%2BoAY0H%2FQKnp21vWkyRscAFm4NsaKoXb4hkQ1dC0rhiNquh%2F%2B%2BWckpVonwwBQcP4zTHtEAbBy9hT5mK5SI3J%2FWs6%2FF%2Fu6ov2E8sG8sbCvbQqj7vBDZQ%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
648f0b326bc2646d-FRA
expires
Fri, 22 Apr 2022 06:02:58 GMT
caf97cee-492f-4ae8-87c4-cdaa65607616
imageprocessor.digital.vistaprint.com/crop/0,0,3394x2357/maxWidth/2000/https://assets.digital.vistaprint.com/production/
5 MB
5 MB
Image
General
Full URL
https://imageprocessor.digital.vistaprint.com/crop/0,0,3394x2357/maxWidth/2000/https://assets.digital.vistaprint.com/production/caf97cee-492f-4ae8-87c4-cdaa65607616
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-56.fra53.r.cloudfront.net
Software
/ Express
Resource Hash
4f696f20fbe22b5e7d8330fe24f77c84e2c6d21cdaf21f0485022beeee564a85

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 08:35:55 GMT
Via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
Connection
keep-alive
Age
1373223
X-Powered-By
Express
ETag
W/"482b26-gRjb7p4E6KB43y5rQ7ToHnHY/zA"
RequestId
881ce3c8-d962-4fa2-b015-e6131a4d976d
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop
FRA53-C1
Content-Length
4729638
X-Amz-Cf-Id
57sk2Ze04sc4UZM8uP-F397KBZvlzVAKalm9uWPJfXZ1PYoJmJVCVw==
496cff2b7cdea2327347522cfbf0ad8d.jpg
imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/stockservice.digital.vistaprint.com/
234 KB
234 KB
Image
General
Full URL
https://imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/stockservice.digital.vistaprint.com/496cff2b7cdea2327347522cfbf0ad8d.jpg
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-56.fra53.r.cloudfront.net
Software
/ Express
Resource Hash
1696eb7317db0a00d8beb4e645f00d3fa91597745acd7c055d0cb2de0a724bcd

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 06:02:59 GMT
Via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Powered-By
Express
ETag
W/"3a664-LUWttA6LRSIKLgz8TlwlrFyzWLk"
RequestId
d6147ef1-03a1-4229-9c1f-1a3699f825f3
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, s-maxage=604800,max-age=604800
Connection
keep-alive
Content-Length
239204
X-Amz-Cf-Id
raE8zMcms50Km81u9gMhRjy-DIPcCqEoxA4PM-yU99UL5gdHrM7pZQ==
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hayleysintuitivereadings.ca
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
age
590360
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:03:38 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hayleysintuitivereadings.ca
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 12:25:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
age
149839
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
expires
Sat, 30 Apr 2022 12:25:39 GMT
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v17/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/josefinsans/v17/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb1f52007251aecad20fbb2152f9818653a595882dc03ac8830d02502cb19ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hayleysintuitivereadings.ca
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 03:57:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:01:14 GMT
server
sffe
age
180351
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26828
x-xss-protection
0
expires
Sat, 30 Apr 2022 03:57:07 GMT
/
api.rollbar.com/api/1/item/
0
0
Preflight
General
Full URL
https://api.rollbar.com/api/1/item/
Protocol
H2
Server
35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-rollbar-access-token
Origin
https://hayleysintuitivereadings.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.9
date
Sun, 02 May 2021 06:02:58 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type,x-rollbar-access-token
x-response-time
0ms
via
1.1 google
alt-svc
clear
/
api.rollbar.com/api/1/item/
100 B
192 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
01b679f4970c1084b3689229b013c78b507dc88707e2c7c1b8e9e3cdbe5cf855

Request headers

X-Rollbar-Access-Token
45330074fb0545a68e299ae483ce45a9
Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-response-time
22ms
date
Sun, 02 May 2021 06:02:58 GMT
via
1.1 google
server
nginx/1.17.9
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
100
record
statscollector.digital.vistaprint.com/
0
71 B
Image
General
Full URL
https://statscollector.digital.vistaprint.com/record?siteId=2684829667&pageId=2684829667&pageTitle=Home&parentPageId=&builderType=tower&premium=true&referrer=&location=https%3A%2F%2Fhayleysintuitivereadings.ca%2F&visitorId=477184897
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.202.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 06:02:58 GMT
x-powered-by
Express
content-type
text/plain
original
imageprocessor.digital.vistaprint.com/crop/102,77,819x614/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/e06d06fd-f112-4633-a195-a3ed7bfa0c4b~110/
713 B
1 KB
Image
General
Full URL
https://imageprocessor.digital.vistaprint.com/crop/102,77,819x614/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/e06d06fd-f112-4633-a195-a3ed7bfa0c4b~110/original?tenant=vbu-digital
Requested by
Host: hayleysintuitivereadings.ca
URL: https://hayleysintuitivereadings.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-56.fra53.r.cloudfront.net
Software
/ Express
Resource Hash
e6b12a7600c501e524a5b269dd7cfc62a574596e6ac2b765082eb49ba80492c3

Request headers

Referer
https://hayleysintuitivereadings.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 06:02:58 GMT
Via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Powered-By
Express
ETag
W/"2c9-OjKPrAKyboa7BJsrjmum7bQQFgs"
RequestId
6829e626-7ab8-4ebe-9691-7cb26a5dcbc5
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, s-maxage=604800,max-age=604800
Connection
keep-alive
Content-Length
713
X-Amz-Cf-Id
ZrJByxjvPNyh7thelDP8tkfZ4MOYht9StPikS92OTuzHXq8zSoucJA==

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar object| webs function| _now function| throttle function| anchorScrolling function| shouldDockRight function| shouldDockVerticalLeft function| positionChildNav function| applyPositionToSubnav function| handleSubnavEvent function| setupSubNavPositioningEventHandlers undefined| MEDIA_GALLERY_SLIDESHOW_SELECTOR undefined| SLIDESHOW_CONTAINER_SELECTOR undefined| SLIDESHOW_IMAGE_SELECTOR undefined| SLIDESHOW_BELOW_IMAGE_DESCRIPTOR_SELECTOR undefined| SLIDESHOW_ARROW_LEFT_SELECTOR undefined| SLIDESHOW_ARROW_RIGHT_SELECTOR undefined| THUMBNAIL_CONTAINER_SELECTOR undefined| THUMBNAIL_WRAPPER_SELECTOR undefined| THUMBNAIL_IMAGE_SELECTOR undefined| SLIDESHOW_MARGIN_OFFSET function| scrollToThumbnail function| incrementSlideCount function| twoImageIncrementSlideCount function| setOrder function| toggleSlideshowPause function| setUpAutoPlay function| scrollToSlide function| scrollToSelected function| setThumbnailHighlight function| findNumOfSlides function| adjustArrowHeight function| setUpSlideshows undefined| tower string| i18nLocale object| i18next object| jsbn object| Money function| objectFitPolyfill object| platform number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized

2 Cookies

Domain/Path Name / Value
hayleysintuitivereadings.ca/ Name: webs-stats-visitor-id
Value: 477184897
.hayleysintuitivereadings.ca/ Name: __cfduid
Value: d7a50e159e8160ca167180172f1809f4d1619935375

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
