urlscan.io logo urlscan.io
SecurityTrails logo

www.messagesfromspirit.ca Open in urlscan Pro
199.34.228.58  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Submission: On October 03 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 11 domains to perform 64 HTTP transactions. The main IP is 199.34.228.58, located in United States and belongs to WEEBLY, US. The main domain is www.messagesfromspirit.ca.
This is the only time www.messagesfromspirit.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 199.34.228.58 27647 (WEEBLY)
1 142.251.167.155 15169 (GOOGLE)
1 1 13.249.190.109 16509 (AMAZON-02)
6 13.249.190.15 16509 (AMAZON-02)
1 1 18.239.183.85 16509 (AMAZON-02)
1 18.239.183.66 16509 (AMAZON-02)
19 151.101.1.46 54113 (FASTLY)
1 151.101.65.46 54113 (FASTLY)
2 3.130.237.221 16509 (AMAZON-02)
9 13.35.77.65 16509 (AMAZON-02)
1 3 104.18.26.3 13335 (CLOUDFLAR...)
2 52.88.202.252 16509 (AMAZON-02)
1 18.239.166.207 16509 (AMAZON-02)
3 18.239.166.110 16509 (AMAZON-02)
1 142.251.167.95 15169 (GOOGLE)
1 54.231.199.40 16509 (AMAZON-02)
1 142.251.163.94 15169 (GOOGLE)
2 104.18.27.3 13335 (CLOUDFLAR...)
1 23.78.0.173 16625 (AKAMAI-AS)
1 104.16.57.101 13335 (CLOUDFLAR...)
1 18.239.176.187 16509 (AMAZON-02)
64 20
9    199.34.228.58 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-custom-14.weebly.com
www.messagesfromspirit.ca
1    142.251.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net
www.googleadservices.com
1    13.249.190.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-109.bos50.r.cloudfront.net
w.sharethis.com
6    13.249.190.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-15.bos50.r.cloudfront.net
w.sharethis.com
ws.sharethis.com
1    18.239.183.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-85.bos50.r.cloudfront.net
s.sharethis.com
1    18.239.183.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-66.bos50.r.cloudfront.net
s.sharethis.com
19    151.101.1.46 (United States)

ASN54113 (FASTLY, US)
cdn2.editmysite.com
1    151.101.65.46 (United States)

ASN54113 (FASTLY, US)
cdn2.editmysite.com
2    3.130.237.221 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-237-221.us-east-2.compute.amazonaws.com
l.sharethis.com
9    13.35.77.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-65.bos50.r.cloudfront.net
d3b3ehuo35wzeh.cloudfront.net
3    104.18.26.3 (None, )

ASN13335 (CLOUDFLARENET, US)
www.vcita.com
2    52.88.202.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-202-252.us-west-2.compute.amazonaws.com
ec.editmysite.com
1    18.239.166.207 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-166-207.bos50.r.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
3    18.239.166.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-166-110.bos50.r.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
1    142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
fonts.googleapis.com
1    54.231.199.40 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
2    104.18.27.3 (None, )

ASN13335 (CLOUDFLARENET, US)
www.vcita.com
1    23.78.0.173 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-0-173.deploy.static.akamaitechnologies.com
c15117557.ssl.cf2.rackcdn.com
1    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    18.239.176.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-176-187.bos50.r.cloudfront.net
d3sbxpiag177w8.cloudfront.net
Apex Domain
Subdomains		 Transfer
22 editmysite.com
cdn2.editmysite.com — Cisco Umbrella Rank: 24650
ec.editmysite.com — Cisco Umbrella Rank: 27955
555 KB
14 cloudfront.net
d3b3ehuo35wzeh.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
d3sbxpiag177w8.cloudfront.net
474 KB
11 sharethis.com
w.sharethis.com — Cisco Umbrella Rank: 32250
s.sharethis.com — Cisco Umbrella Rank: 459476
ws.sharethis.com — Cisco Umbrella Rank: 19157
l.sharethis.com — Cisco Umbrella Rank: 6038
119 KB
9 messagesfromspirit.ca
www.messagesfromspirit.ca
459 KB
5 vcita.com
www.vcita.com — Cisco Umbrella Rank: 175592
8 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1476
7 KB
1 rackcdn.com
c15117557.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 298297
11 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 amazonaws.com
s3.amazonaws.com
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
19 KB
64 11
Domain Requested by
20 cdn2.editmysite.com www.messagesfromspirit.ca
cdn2.editmysite.com
9 d3b3ehuo35wzeh.cloudfront.net www.messagesfromspirit.ca
d3b3ehuo35wzeh.cloudfront.net
9 www.messagesfromspirit.ca www.messagesfromspirit.ca
cdn2.editmysite.com
5 www.vcita.com 1 redirects www.messagesfromspirit.ca
d2ra6nuwn69ktl.cloudfront.net
static.cloudflareinsights.com
5 ws.sharethis.com w.sharethis.com
ws.sharethis.com
4 d2ra6nuwn69ktl.cloudfront.net www.vcita.com
d2ra6nuwn69ktl.cloudfront.net
2 ec.editmysite.com cdn2.editmysite.com
2 l.sharethis.com w.sharethis.com
www.messagesfromspirit.ca
2 s.sharethis.com 1 redirects www.messagesfromspirit.ca
2 w.sharethis.com 1 redirects www.messagesfromspirit.ca
1 d3sbxpiag177w8.cloudfront.net d3b3ehuo35wzeh.cloudfront.net
1 static.cloudflareinsights.com www.vcita.com
1 c15117557.ssl.cf2.rackcdn.com
1 fonts.gstatic.com fonts.googleapis.com
1 s3.amazonaws.com d3b3ehuo35wzeh.cloudfront.net
1 fonts.googleapis.com d2ra6nuwn69ktl.cloudfront.net
1 www.googleadservices.com www.messagesfromspirit.ca
64 17
Subject Issuer Validity Valid
*.editmysite.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-12 -
2024-07-13		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-07-10 -
2024-06-21		 a year crt.sh
www.vcita.com
Cloudflare Inc ECC CA-3		 2023-08-11 -
2024-08-10		 a year crt.sh
*.ssl.cf2.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-23 -
2024-01-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh

This page contains 3 frames:

Primary Page: http://www.messagesfromspirit.ca/spirit-removal.html
Frame ID: D2D5A095EF453658894BBACF1BD454B6
Requests: 59 HTTP requests in this frame

Frame: https://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate
Frame ID: C6A984F0B607CE6379DE4C962DCBD5F4
Requests: 3 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 60322CFE45861C2788A979502C00B93F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Entity Removal, Spirit Removal, Demon Possession Removal

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\d+\.editmysite\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • w\.sharethis\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

38 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

20
IPs

2
Countries

1709 kB
Transfer

4398 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://w.sharethis.com/button/buttons.js HTTP 301
  • https://w.sharethis.com/button/buttons.js
Request Chain 2
  • http://s.sharethis.com/loader.js HTTP 301
  • https://s.sharethis.com/loader.js
Request Chain 46
  • http://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate HTTP 302
  • https://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request spirit-removal.html
www.messagesfromspirit.ca/ 		65 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
Apache /
Resource Hash
51354d9f795de86b1de584ddf501da53852b9465bb2537d97d9fcc55b39e3004

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
13571
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 21:48:46 GMT
ETag
W/"8d837925c69505aeb9e3658853cea73c-gzip"
Keep-Alive
timeout=10, max=73
Server
Apache
Vary
X-W-SSL,Accept-Encoding,User-Agent
X-Host
grn103.sf2p.intern.weebly.net
X-UA-Compatible
IE=edge,chrome=1
conversion.js
www.googleadservices.com/pagead/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
39534116e06af8e76d223fd8d14511a23b1d53c51f50c92faed79d263b83771b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9803205676476710916
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
19185
X-XSS-Protection
0
Expires
Tue, 03 Oct 2023 21:48:46 GMT
buttons.js
w.sharethis.com/button/
Redirect Chain
  • http://w.sharethis.com/button/buttons.js
  • https://w.sharethis.com/button/buttons.js
107 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.sharethis.com/button/buttons.js
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
H2
Server
13.249.190.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-15.bos50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
a457ab8682faad67269f879fc32fe9627a3495747a0652849a4966eb1ec01fea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:25:11 GMT
content-encoding
gzip
via
1.1 1e8a8ab84eba884d9ab3f841aa96a1e0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
BOS50-C2
age
95015
x-cache
Hit from cloudfront
content-length
27693
server
nginx/1.20.1
etag
W/"64f225e3-1acc4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
aSkBygc9e1h1GMNzPsiWV7lRaK8twuN8M3SNU4TzfnCEC9Kexp_qMg==
expires
Thu, 05 Oct 2023 19:25:11 GMT

Redirect headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Via
1.1 07da2322976c8f91428dfa17020aeda2.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
BOS50-C2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://w.sharethis.com/button/buttons.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
pYZIF8XZ46MHswCPW4SGl47a89Kc13jt-TNthAre54zts7lJB-HKhA==
loader.js
s.sharethis.com/
Redirect Chain
  • http://s.sharethis.com/loader.js
  • https://s.sharethis.com/loader.js
19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.sharethis.com/loader.js
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
H2
Server
18.239.183.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-183-66.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 21:43:06 GMT
content-encoding
gzip
via
1.1 f9888c133790a1a06da4b6c91375bb9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 20 Aug 2019 17:22:04 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P4
age
341
etag
W/"a637698b696964cb3a292f5482138425"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-robots-tag
noindex, nofollow
x-amz-cf-id
jX0iPbJBIqk275FGmC7hJnWYd9nbgb_H2HqDo2y7CJ1FmOmu_CGk0g==

Redirect headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Via
1.1 ed0934ec01ea9cc7d841313a8f4658f0.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
BOS50-P4
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://s.sharethis.com/loader.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
kUtCOgh9DgRNLwd_t9TUrW9jX2rgtnsItx1y3xZwmpfMpdxvRs4Z5A==
sites.css
cdn2.editmysite.com/css/ 		206 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/css/sites.css?buildTime=1680733730
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Sat, 14 Oct 2023 10:15:01 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
300824
X-Cache
HIT, HIT
X-Host
grn112.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
29663
X-Served-By
cache-sjc10065-SJC, cache-yyz4552-YYZ
Last-Modified
Fri, 29 Sep 2023 15:49:47 GMT
Server
nginx
X-Timer
S1696369726.481136,VS0,VE0
ETag
W/"6516f21b-337f6"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
18, 73
fancybox.css
cdn2.editmysite.com/css/old/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/css/old/fancybox.css?1234
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Thu, 12 Oct 2023 08:08:56 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
481190
X-Cache
HIT, HIT
X-Host
grn139.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
1218
X-Served-By
cache-sjc10077-SJC, cache-yyz4568-YYZ
Last-Modified
Wed, 27 Sep 2023 19:15:30 GMT
Server
nginx
X-Timer
S1696369726.481503,VS0,VE0
ETag
"65147f52-f47"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
59, 101
social-icons.css
cdn2.editmysite.com/css/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/css/social-icons.css?buildtime=1234
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6647c78ffae821d39f6378a5df536714edb9449a50d3b3457dd1e94505c2ae55

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Thu, 12 Oct 2023 07:38:49 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
482997
X-Cache
HIT, HIT
X-Host
grn129.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
1640
X-Served-By
cache-sjc10023-SJC, cache-yyz4566-YYZ
Last-Modified
Wed, 27 Sep 2023 19:15:24 GMT
Server
nginx
X-Timer
S1696369726.479955,VS0,VE0
ETag
W/"65147f4c-3319"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
17, 15
main_style.css
www.messagesfromspirit.ca/files/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.messagesfromspirit.ca/files/main_style.css?1680744835
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
nginx /
Resource Hash
85365759ea7e00efc0deaf42bed1128b271d767931c2bbebdeea1a49b2a43537

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/spirit-removal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
text/css
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
X-Host
blu14.sf2p.intern.weebly.net
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
font.css
cdn2.editmysite.com/fonts/Actor/ 		428 B
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Actor/font.css?2
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ee7767e8db3e92faebc5bddaeabb5e5110d70e5d901de5179ffa852fc3ed490

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Mon, 09 Oct 2023 16:29:01 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
710385
X-Cache
HIT, HIT
X-Host
grn84.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
239
X-Served-By
cache-sjc1000147-SJC, cache-yyz4550-YYZ
Last-Modified
Fri, 22 Sep 2023 17:36:20 GMT
Server
nginx
X-Timer
S1696369726.480740,VS0,VE0
ETag
"650dd094-1ac"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
660, 42
font.css
cdn2.editmysite.com/fonts/Cabin/ 		2 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Cabin/font.css?2
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4f2de5b6b0ce67eb0bdb6bdb1a0272ce6c6a17d9632ec9a090565d339836ab1

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Wed, 11 Oct 2023 07:34:09 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
569677
X-Cache
HIT, HIT
X-Host
grn136.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
323
X-Served-By
cache-sjc10064-SJC, cache-yyz4532-YYZ
Last-Modified
Mon, 25 Sep 2023 21:35:17 GMT
Server
nginx
X-Timer
S1696369726.481368,VS0,VE0
ETag
"6511fd15-6ae"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
1833, 3
font.css
cdn2.editmysite.com/fonts/Source_Sans_Pro/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Source_Sans_Pro/font.css?2
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fadc809f28d03440e5b8164303090b33ec2704fa1ca42a57636eddfb32c88dc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Mon, 16 Oct 2023 14:42:20 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
111986
X-Cache
HIT, HIT
X-Host
blu139.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
404
X-Served-By
cache-sjc10077-SJC, cache-yyz4551-YYZ
Last-Modified
Fri, 29 Sep 2023 15:47:00 GMT
Server
nginx
X-Timer
S1696369726.481721,VS0,VE0
ETag
"6516f174-df8"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
693, 3
font.css
cdn2.editmysite.com/fonts/Lato/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Lato/font.css?2
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb2642e037c6e74eace100541b7e6776ecaf14371b49e4decf7831bfb0a7147b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Tue, 17 Oct 2023 11:01:00 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
38866
X-Cache
HIT, HIT
X-Host
grn147.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
365
X-Served-By
cache-sjc1000096-SJC, cache-yyz4566-YYZ
Last-Modified
Mon, 02 Oct 2023 18:07:36 GMT
Server
nginx
X-Timer
S1696369726.499904,VS0,VE0
ETag
"651b06e8-a0c"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
24, 449
font.css
cdn2.editmysite.com/fonts/Bebas/ 		162 B
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Bebas/font.css?2
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e8941f309177ab01f8c6eb9cef3676f52003b1675102b882806dbe9cb14893a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Fri, 13 Oct 2023 08:08:05 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
394840
X-Cache
HIT, HIT
X-Host
grn92.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
128
X-Served-By
cache-sjc1000106-SJC, cache-yyz4550-YYZ
Last-Modified
Thu, 28 Sep 2023 17:22:32 GMT
Server
nginx
X-Timer
S1696369727.500954,VS0,VE0
ETag
"6515b658-a2"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
2709, 29
templateArtifacts.js
www.messagesfromspirit.ca/files/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.messagesfromspirit.ca/files/templateArtifacts.js?1680744835
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
nginx /
Resource Hash
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/spirit-removal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
application/x-javascript
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
X-Host
blu70.sf2p.intern.weebly.net
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
jquery-1.8.3.min.js
cdn2.editmysite.com/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-cache-hits
22, 27940
date
Tue, 03 Oct 2023 21:48:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1204831
x-cache
HIT, HIT
x-host
blu25.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33467
x-served-by
cache-sjc10032-SJC, cache-yyz4579-YYZ
last-modified
Tue, 19 Sep 2023 22:28:14 GMT
server
nginx
x-timer
S1696369727.502483,VS0,VE0
etag
"650a207e-16dc4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 03 Oct 2023 23:08:14 GMT
stl.js
cdn2.editmysite.com/js/lang/en/ 		178 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1234&
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f17849278ea3971ca67fe008881f2e042351b3b0f279c38efde4f4b02ab8f75

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Tue, 10 Oct 2023 12:06:44 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
639722
X-Cache
HIT, HIT
X-Host
grn99.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
33051
X-Served-By
cache-sjc10047-SJC, cache-yyz4532-YYZ
Last-Modified
Mon, 25 Sep 2023 21:37:51 GMT
Server
nginx
X-Timer
S1696369727.502044,VS0,VE0
ETag
"6511fdaf-2c7eb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
52, 114
main.js
cdn2.editmysite.com/js/site/ 		466 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/js/site/main.js?buildTime=1680733730
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Tue, 10 Oct 2023 10:59:17 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
643768
X-Cache
HIT, HIT
X-Host
blu100.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
146401
X-Served-By
cache-sjc1000092-SJC, cache-yyz4568-YYZ
Last-Modified
Mon, 25 Sep 2023 21:39:27 GMT
Server
nginx
X-Timer
S1696369727.501357,VS0,VE0
ETag
"6511fe0f-74804"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
37, 31599
stl.js
cdn2.editmysite.com/js/lang/en/ 		178 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1680733730&
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f17849278ea3971ca67fe008881f2e042351b3b0f279c38efde4f4b02ab8f75

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Mon, 09 Oct 2023 14:55:11 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
716015
X-Cache
HIT, HIT
X-Host
grn63.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
33051
X-Served-By
cache-sjc10079-SJC, cache-yyz4551-YYZ
Last-Modified
Sun, 24 Sep 2023 13:52:09 GMT
Server
nginx
X-Timer
S1696369727.501840,VS0,VE0
ETag
"65103f09-2c7eb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
5, 9
theme-plugins.js
cdn2.editmysite.com/js/site/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/js/site/theme-plugins.js?buildTime=1680733730
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4f595f154c135e6631df3e3a986a1fdebda177a47a91cbb9e645d37a0e03311

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Wed, 11 Oct 2023 07:38:50 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
569397
X-Cache
HIT, HIT
X-Host
grn158.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
3747
X-Served-By
cache-sjc1000119-SJC, cache-yyz4566-YYZ
Last-Modified
Tue, 26 Sep 2023 19:10:36 GMT
Server
nginx
X-Timer
S1696369727.519926,VS0,VE1
ETag
"65132cac-314e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
38, 1
plugins.js
www.messagesfromspirit.ca/files/theme/ 		83 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.messagesfromspirit.ca/files/theme/plugins.js?1536078196
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
nginx /
Resource Hash
b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/spirit-removal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
X-Storage-Object
b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
Last-Modified
Sat, 02 Apr 2022 08:42:51 GMT
Server
nginx
x-amz-request-id
tx000000000000001a8b169-0062847677-b9fbc77-sfo1
ETag
W/"4cf5477130f7311a5f0af1ecaf425ee4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
x-rgw-object-type
Normal
X-Storage-Bucket
zb83c
X-Host
grn125.sf2p.intern.weebly.net
Connection
keep-alive
custom.js
www.messagesfromspirit.ca/files/theme/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.messagesfromspirit.ca/files/theme/custom.js?1536078196
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
nginx /
Resource Hash
09ebc712b649d3d4598207980101cd648cc6020ee0bfbb7ee38774318cdef3a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/spirit-removal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
X-Storage-Object
09ebc712b649d3d4598207980101cd648cc6020ee0bfbb7ee38774318cdef3a6
Last-Modified
Thu, 13 Jul 2023 07:28:56 GMT
Server
nginx
x-amz-request-id
tx00000a6b62ba4e900c4e3-006514a8b7-db1a132-sfo1
ETag
"2b0353c06ab40e57f33edb8b523665a4"
Content-Type
text/css
x-rgw-object-type
Normal
X-Storage-Bucket
z09eb
X-Host
grn146.sf2p.intern.weebly.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3281
mobile.js
www.messagesfromspirit.ca/files/theme/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.messagesfromspirit.ca/files/theme/mobile.js?1536078196
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
nginx /
Resource Hash
c64f925bf80e6f3fe7c613726e8c011334a61fbe3a6071c77966c812cfacf269

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/spirit-removal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
X-Storage-Object
c64f925bf80e6f3fe7c613726e8c011334a61fbe3a6071c77966c812cfacf269
Last-Modified
Mon, 04 Jan 2021 20:41:48 GMT
Server
nginx
x-amz-request-id
tx000000000000002163f2d-006165ad77-1ff9432-las
ETag
W/"3ea9513d9ec2d29696fe868fc83ba655"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Storage-Bucket
zc64f
X-Host
blu14.sf2p.intern.weebly.net
Connection
keep-alive
main-customer-accounts-site.js
cdn2.editmysite.com/js/site/ 		522 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1680733730
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Fri, 13 Oct 2023 09:44:32 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
389055
X-Cache
HIT, HIT
X-Host
grn38.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
159104
X-Served-By
cache-sjc1000133-SJC, cache-yyz4550-YYZ
Last-Modified
Thu, 28 Sep 2023 21:19:05 GMT
Server
nginx
X-Timer
S1696369727.520951,VS0,VE0
ETag
"6515edc9-826d7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
16, 2
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-15.bos50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 20:54:39 GMT
content-encoding
gzip
via
1.1 1e8a8ab84eba884d9ab3f841aa96a1e0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
BOS50-C2
age
176047
x-cache
Hit from cloudfront
content-length
18813
server
nginx/1.20.1
etag
W/"64f2261e-16245"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
d8t7e4dTvcDIam-0xBZ8YqYjwO-ULNNNZ9ZvH7QV7k2jdImLi6yq2Q==
expires
Wed, 04 Oct 2023 20:54:39 GMT
pview
l.sharethis.com/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1696369726668.21629&hostname=www.messagesfromspirit.ca&location=%2Fspirit-removal.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fwww.messagesfromspirit.ca%2Fspirit-removal.html&title=Entity%20Removal%2C%20Spirit%20Removal%2C%20Demon%20Possession%20Removal&sop=false&description=Psychic%20Parties%2C%20Psychic%20Medium%2C%20Psychic%20Readings%2C%20Psychic%20Teacher%2C%20Reiki%2C%20Therapeutic%20Touch%2C%20ontario%20psychic%20medium%2C%20bowmanville%20psychic%20medium%2C%20ajax%2Cpsychic%20medium%20whitby%2Cpsychic%20medium%20oshawa%2Cpsychic%20medium%20toronto%2Cpsychic%20medium%20pickering%2C%20Canada%20%2CEnt
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.237.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-237-221.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
http://www.messagesfromspirit.ca
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
walkme_f14d17c5d1c44419b18bc2a4fb6ace4b_https.js
d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/walkme_f14d17c5d1c44419b18bc2a4fb6ace4b_https.js
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c952897edcd4c46fb4773f5e8b1fb3692dfb9df129022f484e693e757e2441c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:47 GMT
Content-Encoding
gzip
Via
1.1 810a9accae2b6588bfefcc0e0dd6f31e.cloudfront.net (CloudFront)
x-amz-version-id
null
Last-Modified
Tue, 05 Aug 2014 15:50:58 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BOS50-C1
ETag
"cf8c0971f8cf5e825e6cab3636767a18"
X-Cache
Miss from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3227
X-Amz-Cf-Id
_5AhnEmJWkZpEIMDTMOAYfTeDFesiv6Cr4vj-7VqoemTZAH5HsnbOQ==
loader.js
www.vcita.com/widgets/active_engage/7e2e13a0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.vcita.com/widgets/active_engage/7e2e13a0/loader.js
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c38eaa46dfc8528e865a44ccd1cfe658107889cc5530357a6f3a1f945c8097
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Status
200 OK
Connection
keep-alive
X-Request-Id
cf41893c8e0026d019a8c9742e76acd1
X-UA-Compatible
IE=Edge,chrome=1
Pragma
no-cache
X-Runtime
0.009426
Last-Modified
Tue, 03 Oct 2023 21:48:46 GMT
Server
cloudflare
X-Frame-Options
ALLOWALL
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
CF-RAY
810864282f2c36a0-YYZ
X-Rack-Cache
miss
Expires
Fri, 01 Jan 1990 00:00:00 GMT
search.png
www.messagesfromspirit.ca/files/theme/images/ 		336 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.messagesfromspirit.ca/files/theme/images/search.png?1680744835
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/files/main_style.css?1680744835
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
nginx /
Resource Hash
a4eb3706e364405509ed18574a70a8836b3a2b334ed04df1d10ca33bf3421545

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/files/main_style.css?1680744835
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
X-Storage-Object
a4eb3706e364405509ed18574a70a8836b3a2b334ed04df1d10ca33bf3421545
Last-Modified
Mon, 23 Mar 2020 03:05:44 GMT
Server
nginx
x-amz-request-id
tx000007c97ac5ea10e3881-00650f78fa-db1c67d-sfo1
ETag
"73961c5d56f2a3f06ea821b0e749206c"
Content-Type
image/png; charset=binary
x-rgw-object-type
Normal
X-Storage-Bucket
za4eb
X-Host
grn65.sf2p.intern.weebly.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
336
968043392.png
www.messagesfromspirit.ca/uploads/1/9/8/6/19863981/background-images/ 		409 KB
410 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.messagesfromspirit.ca/uploads/1/9/8/6/19863981/background-images/968043392.png
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
nginx /
Resource Hash
163b64f156a83755e30616fc0537a9617123f13dc7c6c64a1bc0d5a7ed1df524

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/spirit-removal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
X-Storage-Object
163b64f156a83755e30616fc0537a9617123f13dc7c6c64a1bc0d5a7ed1df524
Last-Modified
Tue, 28 Jan 2020 16:10:28 GMT
Server
nginx
x-amz-request-id
tx0000000000000026ce050-00628513e5-b9fbc64-sfo1
ETag
"431ba8741550fe6f532b26a78961c825"
Content-Type
image/png
x-rgw-object-type
Normal
X-Storage-Bucket
z163b
X-Host
blu151.sf2p.intern.weebly.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
419152
light.woff2
cdn2.editmysite.com/fonts/Lato/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Lato/light.woff2
Requested by
Host: cdn2.editmysite.com
URL: http://cdn2.editmysite.com/fonts/Lato/font.css?2
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Request headers

Referer
http://cdn2.editmysite.com/fonts/Lato/font.css?2
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Cache-Hits
15, 727
Date
Tue, 03 Oct 2023 21:48:46 GMT
Via
1.1 varnish, 1.1 varnish
Age
630303
X-Cache
HIT, HIT
X-Host
grn108.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
23236
X-Served-By
cache-sjc1000143-SJC, cache-yyz4560-YYZ
Last-Modified
Mon, 25 Sep 2023 21:35:17 GMT
Server
nginx
X-Timer
S1696369727.785419,VS0,VE0
ETag
"6511fd15-5ac4"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Expires
Tue, 10 Oct 2023 14:43:44 GMT
regular.woff2
cdn2.editmysite.com/fonts/Lato/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Lato/regular.woff2
Requested by
Host: cdn2.editmysite.com
URL: http://cdn2.editmysite.com/fonts/Lato/font.css?2
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
http://cdn2.editmysite.com/fonts/Lato/font.css?2
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Cache-Hits
55, 294
Date
Tue, 03 Oct 2023 21:48:46 GMT
Via
1.1 varnish, 1.1 varnish
Age
1167386
X-Cache
HIT, HIT
X-Host
grn97.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
23580
X-Served-By
cache-sjc1000089-SJC, cache-yyz4541-YYZ
Last-Modified
Tue, 19 Sep 2023 16:36:43 GMT
Server
nginx
X-Timer
S1696369727.785557,VS0,VE0
ETag
"6509ce1b-5c1c"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Expires
Wed, 04 Oct 2023 09:32:21 GMT
regular.woff2
cdn2.editmysite.com/fonts/Actor/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Actor/regular.woff2
Requested by
Host: cdn2.editmysite.com
URL: http://cdn2.editmysite.com/fonts/Actor/font.css?2
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b31aaefa522d67846638fa4181bbb22375bd0cb1beb37d514609c3821953161a

Request headers

Referer
http://cdn2.editmysite.com/fonts/Actor/font.css?2
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Cache-Hits
3030, 35
Date
Tue, 03 Oct 2023 21:48:46 GMT
Via
1.1 varnish, 1.1 varnish
Age
370480
X-Cache
HIT, HIT
X-Host
grn127.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
21976
X-Served-By
cache-sjc10062-SJC, cache-yyz4555-YYZ
Last-Modified
Thu, 28 Sep 2023 17:22:32 GMT
Server
nginx
X-Timer
S1696369727.785002,VS0,VE0
ETag
"6515b658-55d8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Expires
Fri, 13 Oct 2023 14:54:06 GMT
bold.woff2
cdn2.editmysite.com/fonts/Cabin/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/Cabin/bold.woff2
Requested by
Host: cdn2.editmysite.com
URL: http://cdn2.editmysite.com/fonts/Cabin/font.css?2
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661

Request headers

Referer
http://cdn2.editmysite.com/fonts/Cabin/font.css?2
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Cache-Hits
1391, 40
Date
Tue, 03 Oct 2023 21:48:46 GMT
Via
1.1 varnish, 1.1 varnish
Age
591608
X-Cache
HIT, HIT
X-Host
grn80.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
15168
X-Served-By
cache-sjc1000138-SJC, cache-yyz4551-YYZ
Last-Modified
Mon, 25 Sep 2023 21:35:17 GMT
Server
nginx
X-Timer
S1696369727.786010,VS0,VE0
ETag
"6511fd15-3b40"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Expires
Wed, 11 Oct 2023 01:28:37 GMT
wsocial.woff
cdn2.editmysite.com/fonts/wSocial/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1695842124253
Requested by
Host: cdn2.editmysite.com
URL: http://cdn2.editmysite.com/css/social-icons.css?buildtime=1234
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df

Request headers

Referer
http://cdn2.editmysite.com/css/social-icons.css?buildtime=1234
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Cache-Hits
5, 458
Date
Tue, 03 Oct 2023 21:48:46 GMT
Via
1.1 varnish, 1.1 varnish
Age
526288
X-Cache
HIT, HIT
X-Host
blu10.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
2636
X-Served-By
cache-sjc1000120-SJC, cache-yyz4574-YYZ
Last-Modified
Wed, 27 Sep 2023 18:25:51 GMT
Server
nginx
X-Timer
S1696369727.785693,VS0,VE0
ETag
"651473af-a4c"
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Expires
Wed, 11 Oct 2023 19:37:19 GMT
snowday262.js
cdn2.editmysite.com/js/wsnbn/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Server
151.101.1.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Thu, 12 Oct 2023 08:49:33 GMT
Date
Tue, 03 Oct 2023 21:48:46 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
478754
X-Cache
HIT, HIT
X-Host
grn57.sf2p.intern.weebly.net
Connection
keep-alive
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
25752
X-Served-By
cache-sjc10061-SJC, cache-yyz4550-YYZ
Last-Modified
Wed, 27 Sep 2023 19:15:14 GMT
Server
nginx
X-Timer
S1696369727.788323,VS0,VE0
ETag
"65147f42-124fe"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
17, 20825
/
www.messagesfromspirit.ca/ajax/api/JsonRPC/CustomerAccounts/ 		348 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.messagesfromspirit.ca/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Server
199.34.228.58 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-14.weebly.com
Software
Apache /
Resource Hash
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://www.messagesfromspirit.ca/spirit-removal.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Server
Apache
Vary
X-W-SSL,User-Agent
Content-Type
application/json
X-Host
blu95.sf2p.intern.weebly.net
Connection
Keep-Alive
Keep-Alive
timeout=10, max=62
Content-Length
348
X-UA-Compatible
IE=edge,chrome=1
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-15.bos50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 10:47:55 GMT
content-encoding
gzip
via
1.1 1e8a8ab84eba884d9ab3f841aa96a1e0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 01 Sep 2023 17:57:50 GMT
server
nginx/1.20.1
x-amz-cf-pop
BOS50-C2
age
39653
etag
W/"64f2261e-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
4yq61tWL4GAsrfG4chpMPrzJ7P_4f3K4cnNCUkm1_fAo692KhNiEnQ==
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Server
52.88.202.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-202-252.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.messagesfromspirit.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, SP-Anonymous
Access-Control-Allow-Origin
http://www.messagesfromspirit.ca
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Tue, 03 Oct 2023 21:48:46 GMT
Server
nginx
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ 		2 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn2.editmysite.com
URL: http://cdn2.editmysite.com/js/wsnbn/snowday262.js
Protocol
HTTP/1.1
Server
52.88.202.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-202-252.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.messagesfromspirit.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Tue, 03 Oct 2023 21:48:47 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
http://www.messagesfromspirit.ca
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1696369726668.21629&hostname=www.messagesfromspirit.ca&location=%2Fspirit-removal.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fwww.messagesfromspirit.ca%2Fspirit-removal.html&title=Entity%20Removal%2C%20Spirit%20Removal%2C%20Demon%20Possession%20Removal&sop=false&description=Psychic%20Parties%2C%20Psychic%20Medium%2C%20Psychic%20Readings%2C%20Psychic%20Teacher%2C%20Reiki%2C%20Therapeutic%20Touch%2C%20ontario%20psychic%20medium%2C%20bowmanville%20psychic%20medium%2C%20ajax%2Cpsychic%20medium%20whitby%2Cpsychic%20medium%20oshawa%2Cpsychic%20medium%20toronto%2Cpsychic%20medium%20pickering%2C%20Canada%20%2CEnt&description=Psychic%20Parties%2C%20Psychic%20Medium%2C%20Psychic%20Readings%2C%20Psychic%20Teacher%2C%20Reiki%2C%20Therapeutic%20Touch%2C%20ontario%20psychic%20medium%2C%20bowmanville%20psychic%20medium%2C%20ajax%2Cpsychic%20medium%20whitby%2Cpsychic%20medium%20oshawa%2Cpsychic%20medium%20toronto%2Cpsychic%20medium%20pickering%2C%20Canada%20%2CEnt&img_pview=true
Requested by
Host: www.messagesfromspirit.ca
URL: http://www.messagesfromspirit.ca/spirit-removal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.237.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-237-221.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:46 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
wmjQuery171.js
d3b3ehuo35wzeh.cloudfront.net/player/resources/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/player/resources/wmjQuery171.js
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/walkme_f14d17c5d1c44419b18bc2a4fb6ace4b_https.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 13:35:47 GMT
Content-Encoding
gzip
Via
1.1 810a9accae2b6588bfefcc0e0dd6f31e.cloudfront.net (CloudFront)
x-amz-version-id
dlOIL_rgT0aloi1SfIVB2qBEX5hN4XKk
X-Amz-Cf-Pop
BOS50-C1
Age
6250380
x-amz-meta-cb-modifiedtime
Sun, 14 Apr 2013 07:28:19 GMT
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
33167
Last-Modified
Sun, 10 Jan 2016 09:10:17 GMT
Server
AmazonS3
ETag
"bd856ab0099e8b88daeced6a21ed1398"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
2F7buhnVMpLaaHLR1aEOyDoK4QBcUIf1gGBFm8mb5xTDCrXQiU63JA==
livesite.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		179 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1696369
Requested by
Host: www.vcita.com
URL: http://www.vcita.com/widgets/active_engage/7e2e13a0/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.166.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-166-207.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c8352ddf516bf97f2cefd10041a447856f6e3e5dd29ac68fa615bfd152aad33

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
b3IBf74yUuY9XS85q62tge1igy2reaWu
content-encoding
gzip
via
1.1 50945a5e55ce0bb0d3d24dbb2736a0a2.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 13:17:42 GMT
last-modified
Sun, 01 Oct 2023 07:18:22 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P3
age
30666
x-amz-server-side-encryption
AES256
etag
W/"c99ad10a6956108fd9a07f8a1c843444"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
Nnz332Fvvz7_3112us_nsIvzwue_Mu1SkrKObZ-UJz2guoBjqUHKeQ==
livesite.css
d2ra6nuwn69ktl.cloudfront.net/assets/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1696369
Requested by
Host: d2ra6nuwn69ktl.cloudfront.net
URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1696369
Protocol
HTTP/1.1
Server
18.239.166.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-166-110.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37b2b6bcaa962911c573ad1dd941b1368590942523a46cabbc5060c3ab32d1f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
2HgVG8lDeXfujwAw3UQn0V.DVrvqzFi6
Content-Encoding
gzip
Via
1.1 36f53e714a45084349e1f86b8e59163e.cloudfront.net (CloudFront)
Date
Tue, 03 Oct 2023 12:32:24 GMT
X-Amz-Cf-Pop
BOS50-P3
Age
33384
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Sun, 01 Oct 2023 07:18:22 GMT
Server
AmazonS3
ETag
W/"b431455f98e64a9a5dc2de77b831d129"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
Yzwmh3UePsxfcRia_mgNhTWVny_aqmKEYZv5Bf8RZTr8M8CdnGC3qg==
css
fonts.googleapis.com/ 		28 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Caudex|Overlock|Patrick+Hand|Jockey+One|Sarina|Niconne|Fredericka+the+Great|Corben|Kelly+Slab|Marck+Script|Mr+De+Haviland|Lobster|Anton|Josefin+Slab|EB+Garamond|Basic|Chelsea+Market|Enriqueta|Forum|Jura|Noticia+Text|Open+Sans|Play|Signika|Spinnaker:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Requested by
Host: d2ra6nuwn69ktl.cloudfront.net
URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1696369
Protocol
HTTP/1.1
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
c9f3a4c95441b79578439500a7b00c8029ab2cdf5eb2b5a0c82e4d5bd4ae0fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 03 Oct 2023 21:48:47 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 03 Oct 2023 21:48:47 GMT
settings.txt
s3.amazonaws.com/s3.maketutorial.com/users/f14d17c5d1c44419b18bc2a4fb6ace4b/ 		775 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/s3.maketutorial.com/users/f14d17c5d1c44419b18bc2a4fb6ace4b/settings.txt?callback=fixedCallback&_=1696369727211
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/player/resources/wmjQuery171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.199.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0f06a4a31e95735a079eb95221da328e88ed7a53fc7b9aba5a337efa9da6582b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:48 GMT
x-amz-version-id
null
Last-Modified
Tue, 05 Aug 2014 15:50:58 GMT
Server
AmazonS3
x-amz-request-id
V4NRKDDX88JPKBRY
ETag
"73199f64f4fd6cc8ca86ad366c643a4f"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
775
x-amz-id-2
gZEFN1NlZrDmoJMUs/pzuOZdi+24TFyKpwn/GdNPG0e55iqTRJPMZPqDNYZuylNQ7meDNJl9TPs=
icomoon.woff
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd
Requested by
Host: d2ra6nuwn69ktl.cloudfront.net
URL: http://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1696369
Protocol
HTTP/1.1
Server
18.239.166.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-166-110.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2

Request headers

Referer
http://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1696369
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:48 GMT
x-amz-version-id
DIwgAkjkKv7MDMoJSLPgNw1i_N2d1udL
Via
1.1 98a2408b3b4b69a27b379f8fee01d49a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BOS50-P3
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
65516
Last-Modified
Sun, 01 Oct 2023 07:18:11 GMT
Server
AmazonS3
ETag
"db122b8081b800020ab23b71c1214b92"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
Qc_Wc-FcNHR_SyvOH0Hwjsw93H2B_xHwQF7K5bPn5Re9x91LlRpmcA==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Caudex|Overlock|Patrick+Hand|Jockey+One|Sarina|Niconne|Fredericka+the+Great|Corben|Kelly+Slab|Marck+Script|Mr+De+Haviland|Lobster|Anton|Josefin+Slab|EB+Garamond|Basic|Chelsea+Market|Enriqueta|Forum|Jura|Noticia+Text|Open+Sans|Play|Signika|Spinnaker:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Protocol
HTTP/1.1
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 07:56:49 GMT
X-Content-Type-Options
nosniff
Age
568318
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
18664
X-XSS-Protection
0
Last-Modified
Thu, 14 Sep 2023 01:36:18 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 26 Sep 2024 07:56:49 GMT
active_engage_gate
www.vcita.com/api/client_zones/7e2e13a0/account/ Frame C6A9
Redirect Chain
  • http://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate
  • https://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate
Requested by
Host: d2ra6nuwn69ktl.cloudfront.net
URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1696369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4342c561408b4adc3c45aeec0754cde812fd14b7dab9cc6e2d5019a27c9a5f11
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
http://www.messagesfromspirit.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8108642d49bb3704-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 21:48:47 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
cloudflare
status
200 OK
x-frame-options
ALLOWALL
x-rack-cache
miss
x-request-id
1a670d16172fa337e61336c7f0b68c9c
x-runtime
0.007342
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
8108642c8f7436a0-YYZ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Oct 2023 21:48:47 GMT
Location
https://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Server
cloudflare
Status
302 Found
Transfer-Encoding
chunked
X-Frame-Options
ALLOWALL
X-Rack-Cache
miss
X-Request-Id
fa1ea2da1a8f60890fc050e8696c7d3d
X-Runtime
0.005987
X-UA-Compatible
IE=Edge,chrome=1
normal_hf6r9m7yhx4zfep9zn10c7y9afyhf71o.png
c15117557.ssl.cf2.rackcdn.com/avatar/image/357459/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c15117557.ssl.cf2.rackcdn.com/avatar/image/357459/normal_hf6r9m7yhx4zfep9zn10c7y9afyhf71o.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.0.173 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-0-173.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abb0bc89f74a084911cec2e2f9f2882b0df2250001a2c70a0a76779cfbca6ccc

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:47 GMT
Last-Modified
Wed, 07 Dec 2016 00:08:10 GMT
ETag
e42b5af2070b04664ab0f391d8a9b9ff
Content-Type
image/png
X-Timestamp
1481069289.50220
Cache-Control
public, max-age=238451
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx81b0a38c8cfa4466a99c4-006501b1d4ord1
Content-Length
10494
Expires
Fri, 06 Oct 2023 16:02:58 GMT
i
www.vcita.com/tr_pics/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.vcita.com/tr_pics/i?p=445664&o=bG9hZGVy
Protocol
HTTP/1.1
Server
104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:47 GMT
CF-Cache-Status
DYNAMIC
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Status
200 OK
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
X-Request-Id
4ecfeaf2012d336052e20935d01448e0
X-UA-Compatible
IE=Edge,chrome=1
Pragma
no-cache
X-Runtime
0.019790
Server
cloudflare
X-Frame-Options
ALLOWALL
Content-Type
image/gif
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
CF-RAY
8108642b5da136a0-YYZ
X-Rack-Cache
miss
Expires
Fri, 01 Jan 1990 00:00:00 GMT
icomoon.woff
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/icomoon.woff?84yycz
Requested by
Host: d2ra6nuwn69ktl.cloudfront.net
URL: http://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1696369
Protocol
HTTP/1.1
Server
18.239.166.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-166-110.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b

Request headers

Referer
http://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1696369
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:48 GMT
x-amz-version-id
7uLvS6wyAuF8ftJ6aczg03D.UYZcHCAR
Via
1.1 98a2408b3b4b69a27b379f8fee01d49a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BOS50-P3
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
18204
Last-Modified
Sun, 01 Oct 2023 07:18:10 GMT
Server
AmazonS3
ETag
"5906d6e34193a2fd84132c877ce62b6a"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
-LjRs1cGu7ytzaMKxY04Gzo9qW_-k-evAkeCXgPUm7Ps8tsH41L6Yw==
maketutorial_lib_382.js
d3b3ehuo35wzeh.cloudfront.net/player/lib/ 		370 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/player/lib/maketutorial_lib_382.js
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/walkme_f14d17c5d1c44419b18bc2a4fb6ace4b_https.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fb90026b126c381ee886f6e0fe449ba88cfc74b0085e1006c125551ef471719

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:48 GMT
Content-Encoding
gzip
Via
1.1 810a9accae2b6588bfefcc0e0dd6f31e.cloudfront.net (CloudFront)
x-amz-version-id
null
Last-Modified
Tue, 01 Jul 2014 07:58:37 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BOS50-C1
ETag
"a835d375b2e41ac68ba0260164848da0"
X-Cache
Miss from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118708
X-Amz-Cf-Id
j-P_vtJDG_y4Cp9as10vclnwwL4A2cc7j4o2J-sc6D_9_f1haTeyag==
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame C6A9 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: www.vcita.com
URL: https://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://www.vcita.com/
Origin
https://www.vcita.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 21:48:47 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8108642e0c4e39fb-YYZ
data_a27c0b4f6c2343688c16103e95382d2e.js
d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/data_a27c0b4f6c2343688c16103e95382d2e.js
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/player/lib/maketutorial_lib_382.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8802abb3b383ff337f78b74ebfc5a3e6fb21657da18c1b403cf8ab5bbcf57a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:48 GMT
Content-Encoding
gzip
Via
1.1 810a9accae2b6588bfefcc0e0dd6f31e.cloudfront.net (CloudFront)
x-amz-version-id
null
Last-Modified
Tue, 05 Aug 2014 15:50:58 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BOS50-C1
ETag
"bb0e5c032e41c59fb6224ae18375a6ad"
X-Cache
Miss from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3294
X-Amz-Cf-Id
JH2biQ8AkNxkuofTLjJdQYqcdayWLVfJVBzUmG3IOj7W-or5BR-JEQ==
rum
www.vcita.com/cdn-cgi/ Frame C6A9 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.vcita.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.vcita.com/api/client_zones/7e2e13a0/account/active_engage_gate
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json

Response headers

date
Tue, 03 Oct 2023 21:48:47 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.vcita.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8108642ebc4e3704-YYZ
opensans.js
d3b3ehuo35wzeh.cloudfront.net/player/resources/fonts/ 		66 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/player/resources/fonts/opensans.js
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/player/resources/wmjQuery171.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db6b25bb6ccabdbd425d7b1c871c5d0b3588cc5c51936d4f6ecaa8f92c6e7b03

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 13:58:00 GMT
x-amz-version-id
rAFCWxTL86C.ZHLzZe9V1dX9A1JJFkDd
Via
1.1 810a9accae2b6588bfefcc0e0dd6f31e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BOS50-C1
Age
6162648
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
67765
Last-Modified
Sun, 12 Feb 2023 07:35:31 GMT
Server
AmazonS3
ETag
"f0929eacd329b25f2c32b513ae2bb075"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
zy1kc7QMq8emV92iX6SbU6RdRcr362LePq3r0sTFiwqtbTonK_NYPg==
UniqueEndUser
d3sbxpiag177w8.cloudfront.net/Analytics/ 		0
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3sbxpiag177w8.cloudfront.net/Analytics/UniqueEndUser?callback=mtjQuery17107685393249022527_1696369726979&userId=f14d17c5d1c44419b18bc2a4fb6ace4b&permutationId=-1&endUserGuid=f8f96dda-e3af-3814-ad75-23831990a440&_=1696369727895
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/player/resources/wmjQuery171.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.176.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-176-187.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 17:23:59 GMT
x-amz-version-id
null
Via
1.1 9773a5091daf4b94a65f88adf32fd1fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BOS50-P4
Age
9001489
x-amz-meta-cb-modifiedtime
Thu, 22 Aug 2013 07:51:01 GMT
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Thu, 07 Nov 2013 16:17:32 GMT
Server
AmazonS3
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
w6wjBSVtlsXH7d5RUn8AxDpPg8KcpBIfU1GKwzUC1V8RleqDlMuKRQ==
widget_c7635be1011946738c70026b2c172f64.js
d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/ 		374 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/users/f14d17c5d1c44419b18bc2a4fb6ace4b/widget_c7635be1011946738c70026b2c172f64.js
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/player/lib/maketutorial_lib_382.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff1a5902ef98eff0cce0346a024c51a3888b316115995aa4536cf1a275c37553

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:48 GMT
Content-Encoding
gzip
Via
1.1 810a9accae2b6588bfefcc0e0dd6f31e.cloudfront.net (CloudFront)
x-amz-version-id
null
Last-Modified
Tue, 05 Aug 2014 15:50:58 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BOS50-C1
ETag
"cf3a76e1052825dcec7b076a3aa20ec6"
X-Cache
Miss from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48237
X-Amz-Cf-Id
FmD1IGWv5DM42sq3J2M0XYyTzqjHyNy3H2Rqdf9oImCl0jnsTimg7w==
white-blue-bottom-left.png
d3b3ehuo35wzeh.cloudfront.net/player/resources/images/player/zambezi/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/player/resources/images/player/zambezi/white-blue-bottom-left.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b659f368fb72cdd08562c8e3d3b079a6bf9ffb5d7c9d83c572b5b41802245d6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:49 GMT
x-amz-version-id
rZKz7zQUHVXOqab7nQNMR1kWSIjRi_fU
Via
1.1 810a9accae2b6588bfefcc0e0dd6f31e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BOS50-C1
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
1067
Last-Modified
Sun, 06 Nov 2022 08:19:22 GMT
Server
AmazonS3
ETag
"e88056655555aa4706b61f7add776a50"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
mKNzn9yhbEgzNQ7EK4ha8h63_ZoVp37ZFttW0D4ega3-7U9ss7OB9w==
lato-regular.js
d3b3ehuo35wzeh.cloudfront.net/player/resources/fonts/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/player/resources/fonts/lato-regular.js
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/player/resources/wmjQuery171.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
052b6b3e43cc9613a88d32fb3ed5ae3fd42f9456f72671788ef84c959219bb4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 23 Aug 2023 18:39:02 GMT
x-amz-version-id
SPi0CPECJ.CZqfFUI3zhiets7o7_yWy5
Via
1.1 52c5c6677e1ddc37f9c7ddc8eee96130.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BOS50-C1
Age
3553787
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
42768
Last-Modified
Wed, 31 Oct 2018 15:50:47 GMT
Server
AmazonS3
ETag
"4ac8e123914921762bfa15613cd58178"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
pNux3G2lIH1xLiM6VYxYSYrMgKz5jVBlRqHNm7ZoB0EOwMQo_r2QVQ==
widget-font.js
d3b3ehuo35wzeh.cloudfront.net/player/resources/fonts/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3b3ehuo35wzeh.cloudfront.net/player/resources/fonts/widget-font.js
Requested by
Host: d3b3ehuo35wzeh.cloudfront.net
URL: https://d3b3ehuo35wzeh.cloudfront.net/player/resources/wmjQuery171.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-65.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b105e7a17c9f97015b7ea198617fa7f79dd4bb600fcbbb8724f198c5fec5bbab

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.messagesfromspirit.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 21:48:49 GMT
x-amz-version-id
LZWWgYI_JQ_2ZE.2qFVjeI6Oi5NXBQwG
Via
1.1 52c5c6677e1ddc37f9c7ddc8eee96130.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BOS50-C1
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
6567
Last-Modified
Wed, 31 Oct 2018 15:50:44 GMT
Server
AmazonS3
ETag
"e71222067a79ea2f13e2afb387451fb6"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
bWrg3pAi7pbxUJOG-AyVQpFafygFOE1kD_9ZLSIf6BuE1_aSB-bmmQ==
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbd2b91b65bb18148b16579ec60fabf8cde4c981f7ee11f5399cdd05afd85af7

Request headers

Referer
http://www.messagesfromspirit.ca/
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
font/woff
index.html
ws.sharethis.com/secure5x/ Frame 6032 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-15.bos50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
b67dfa85cde41771dfa48e2847a960469cecc3615f1d368f11be821c4ba9cce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.messagesfromspirit.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
53474
content-encoding
gzip
content-length
4081
content-type
text/html
date
Tue, 03 Oct 2023 09:50:10 GMT
etag
W/"64f2261e-390f"
last-modified
Fri, 01 Sep 2023 17:57:50 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 1e8a8ab84eba884d9ab3f841aa96a1e0.cloudfront.net (CloudFront)
x-amz-cf-id
RPHhM0ftcJqAds5fULFs0dxocBV7NoyRV5hoWaKP3jQjPU2j4fdM8w==
x-amz-cf-pop
BOS50-C2
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow
stcommon.1f60705adac788a51a8240cf535237b0.js
ws.sharethis.com/secure5x/js/ Frame 6032 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-15.bos50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 19:16:22 GMT
content-encoding
gzip
via
1.1 1e8a8ab84eba884d9ab3f841aa96a1e0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
BOS50-C2
age
2773946
x-cache
Hit from cloudfront
content-length
5630
server
nginx/1.20.1
etag
W/"64f2261e-40f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
OK5Ygh8H2diHkwUkU4fyz6H383jT97HYjnptCJYQhRNnkr71YCugCA==
expires
Sat, 31 Aug 2024 19:16:22 GMT
st.c91e3e86cb3030cc3f9054063e7cc569.js
ws.sharethis.com/secure5x/js/ Frame 6032 		224 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/st.c91e3e86cb3030cc3f9054063e7cc569.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-15.bos50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
733a25e9493bea8707e2347326bb10751e4bebd0abcc997f40163907e3c9a998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 19:16:23 GMT
content-encoding
gzip
via
1.1 1e8a8ab84eba884d9ab3f841aa96a1e0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
BOS50-C2
age
2773945
etag
W/"64f2261e-3806d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
NYnSkGsKbDF_c8tSldW5VF-vRgRUBRUHgOg4Rh7BmASnXQ3Pa4Zl4Q==
expires
Sat, 31 Aug 2024 19:16:23 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cffd0dc02f14c8ae2bc287ce40adc77f4cfe6d3075b0bb066f404d38aa845ed

Request headers

Referer
http://www.messagesfromspirit.ca/
Origin
http://www.messagesfromspirit.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| GooglemKTybQhCsO object| google_conversion_id object| google_conversion_format object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_enable_display_cookie_match object| google_gtag_event_data object| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| google_conversion_date object| google_conversion_time object| google_conversion_js_version object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments boolean| switchTo5x object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing number| hbType object| sharethis string| vcHost object| Weebly string| STATIC_BASE string| ASSETS_BASE string| STYLE_PREFIX function| $ function| jQuery object| _W function| publishedWBJP string| RECAPTCHA_PUBLIC_KEY string| INVISIBLE_RECAPTCHA_PUBLIC_KEY function| _ object| Mustache object| jQBrowser function| PlatformElement function| whenThemeCSSLoaded function| isThemeCSSLoaded function| blogCommentDisplayForm object| YTPlayer object| VimeoPlayer function| Sd function| Rd boolean| Cd function| videojs function| _V_ object| jsonrpc function| getCartCount function| getCartNavElement function| reportCartNavElement function| initPublishedFlyoutMenus boolean| flyoutMenusRefreshable function| initEditorFlyoutMenus function| refreshNavCondense boolean| disableFlyouts function| FlyoutMenu function| objectify object| mejs function| MediaElement function| MediaElementPlayer function| require function| platformElementRequire function| initCustomerAccountsModels object| initEvt string| com_currentSite string| com_userID function| initFlyouts function| Hammer object| jQuery18308545867645374363 object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| r function| snPlObR string| s object| regEx object| drSegmentsTag undefined| segmentData object| GlobalSnowplowNamespace function| snowday boolean| lightboxLoaded object| navFlyoutMenu function| refreshPublishedFlyoutMenus function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog undefined| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback object| Snowplow function| WalkmeSnippet boolean| WALKME_DEBUG object| wmSnippet object| Vcita function| liveSiteLegacyInit function| mtjQuery function| wmjQuery object| LiveSite string| baseURL undefined| fixedCallback string| big_data_event undefined| lsParam string| waypoints-context-id function| ClassMakeTutorial object| _makeTutorialEv function| ClassWalkMeAPI object| _makeTutorial object| WalkMeAPI object| wmContext function| WalkMeDataClass undefined| mtjQuery17107685393249022527_1696369726979 function| WalkmeWidget object| walkmeWidget string| messageSet object| WalkMePlayerAPI

11 Cookies

Domain/Path Name / Value
.www.messagesfromspirit.ca/ Name: is_mobile
Value: 0
www.messagesfromspirit.ca/ Name: language
Value: en_CA
.messagesfromspirit.ca/ Name: __unam
Value: 251cd6c-18af783d4cf-29a68ab3-1
.messagesfromspirit.ca/ Name: _snow_ses.2426
Value: *
.messagesfromspirit.ca/ Name: _snow_id.2426
Value: ba753aff-4e14-4d76-b3b2-a3fd7e4c7935.1696369727.1.1696369727.1696369727.d6f631fc-b41e-46f3-bb2a-1912b025d768
.www.vcita.com/ Name: __cf_bm
Value: iXAJsEjIiQGTl.6FwAdi4CjVZb0P3JRrEtpcFatZjps-1696369727-0-AVMfFEJF64e+t4bpoqWnJHLOYmrzgT4NNd+ujas2zscAaMF0XCHEsfWWPxDU9kLSJp695bgILepPW/rU5pXq3Cs=
.www.vcita.com/ Name: _cfuvid
Value: wumHQ3EBGyLiMNs3Ryy7YGAXOMQ.3P21zFFY92yGrec-1696369727629-0-604800000
.messagesfromspirit.ca/ Name: wm-dmn
Value: messagesfromspirit.ca
.messagesfromspirit.ca/ Name: wm-ueug
Value: "f8f96dda-e3af-3814-ad75-23831990a440"
.messagesfromspirit.ca/ Name: wm-ueuT
Value: 1
.messagesfromspirit.ca/ Name: WM-wa
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c15117557.ssl.cf2.rackcdn.com
cdn2.editmysite.com
d2ra6nuwn69ktl.cloudfront.net
d3b3ehuo35wzeh.cloudfront.net
d3sbxpiag177w8.cloudfront.net
ec.editmysite.com
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
s.sharethis.com
s3.amazonaws.com
static.cloudflareinsights.com
w.sharethis.com
ws.sharethis.com
www.googleadservices.com
www.messagesfromspirit.ca
www.vcita.com
104.16.57.101
104.18.26.3
104.18.27.3
13.249.190.109
13.249.190.15
13.35.77.65
142.251.163.94
142.251.167.155
142.251.167.95
151.101.1.46
151.101.65.46
18.239.166.110
18.239.166.207
18.239.176.187
18.239.183.66
18.239.183.85
199.34.228.58
23.78.0.173
3.130.237.221
52.88.202.252
54.231.199.40
052b6b3e43cc9613a88d32fb3ed5ae3fd42f9456f72671788ef84c959219bb4f
09ebc712b649d3d4598207980101cd648cc6020ee0bfbb7ee38774318cdef3a6
0ee7767e8db3e92faebc5bddaeabb5e5110d70e5d901de5179ffa852fc3ed490
0f06a4a31e95735a079eb95221da328e88ed7a53fc7b9aba5a337efa9da6582b
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
163b64f156a83755e30616fc0537a9617123f13dc7c6c64a1bc0d5a7ed1df524
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c38eaa46dfc8528e865a44ccd1cfe658107889cc5530357a6f3a1f945c8097
2c8352ddf516bf97f2cefd10041a447856f6e3e5dd29ac68fa615bfd152aad33
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
37b2b6bcaa962911c573ad1dd941b1368590942523a46cabbc5060c3ab32d1f4
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
39534116e06af8e76d223fd8d14511a23b1d53c51f50c92faed79d263b83771b
4342c561408b4adc3c45aeec0754cde812fd14b7dab9cc6e2d5019a27c9a5f11
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
4c952897edcd4c46fb4773f5e8b1fb3692dfb9df129022f484e693e757e2441c
4cffd0dc02f14c8ae2bc287ce40adc77f4cfe6d3075b0bb066f404d38aa845ed
51354d9f795de86b1de584ddf501da53852b9465bb2537d97d9fcc55b39e3004
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b
6647c78ffae821d39f6378a5df536714edb9449a50d3b3457dd1e94505c2ae55
6fb90026b126c381ee886f6e0fe449ba88cfc74b0085e1006c125551ef471719
733a25e9493bea8707e2347326bb10751e4bebd0abcc997f40163907e3c9a998
85365759ea7e00efc0deaf42bed1128b271d767931c2bbebdeea1a49b2a43537
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
8802abb3b383ff337f78b74ebfc5a3e6fb21657da18c1b403cf8ab5bbcf57a72
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9f17849278ea3971ca67fe008881f2e042351b3b0f279c38efde4f4b02ab8f75
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a457ab8682faad67269f879fc32fe9627a3495747a0652849a4966eb1ec01fea
a4eb3706e364405509ed18574a70a8836b3a2b334ed04df1d10ca33bf3421545
abb0bc89f74a084911cec2e2f9f2882b0df2250001a2c70a0a76779cfbca6ccc
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
b105e7a17c9f97015b7ea198617fa7f79dd4bb600fcbbb8724f198c5fec5bbab
b31aaefa522d67846638fa4181bbb22375bd0cb1beb37d514609c3821953161a
b4f2de5b6b0ce67eb0bdb6bdb1a0272ce6c6a17d9632ec9a090565d339836ab1
b659f368fb72cdd08562c8e3d3b079a6bf9ffb5d7c9d83c572b5b41802245d6d
b67dfa85cde41771dfa48e2847a960469cecc3615f1d368f11be821c4ba9cce7
b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c4f595f154c135e6631df3e3a986a1fdebda177a47a91cbb9e645d37a0e03311
c64f925bf80e6f3fe7c613726e8c011334a61fbe3a6071c77966c812cfacf269
c9f3a4c95441b79578439500a7b00c8029ab2cdf5eb2b5a0c82e4d5bd4ae0fad
cb2642e037c6e74eace100541b7e6776ecaf14371b49e4decf7831bfb0a7147b
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698
db6b25bb6ccabdbd425d7b1c871c5d0b3588cc5c51936d4f6ecaa8f92c6e7b03
dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
e8941f309177ab01f8c6eb9cef3676f52003b1675102b882806dbe9cb14893a3
fadc809f28d03440e5b8164303090b33ec2704fa1ca42a57636eddfb32c88dc0
fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2
fbd2b91b65bb18148b16579ec60fabf8cde4c981f7ee11f5399cdd05afd85af7
ff1a5902ef98eff0cce0346a024c51a3888b316115995aa4536cf1a275c37553