www.harrypottercamps.org Open in urlscan Pro
199.34.228.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://harrypottercamps.org/
Effective URL:
https://www.harrypottercamps.org/
Submission Tags: krdtest
Submission: On August 28 via api (August 28th 2021, 7:39:50 am UTC) from JP

Summary HTTP 195 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 36 IPs in 2 countries across 25 domains to perform 195 HTTP transactions. The main IP is 199.34.228.75, located in United States and belongs to WEEBLY, US. The main domain is www.harrypottercamps.org.
TLS certificate: Issued by R3 on August 9th 2021. Valid for: 3 months.

This is the only time www.harrypottercamps.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	199.34.228.75 199.34.228.75	27647 (WEEBLY) (WEEBLY)
35	2a04:4e42:3::302 2a04:4e42:3::302	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
13	74.120.127.135 74.120.127.135	53804 (ACTIVE-ASN1) (ACTIVE-ASN1)
18	2606:4700:20:... 2606:4700:20::681a:9db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a03:2880:f22... 2a03:2880:f22d:1e6:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
10	44.237.245.63 44.237.245.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	74.115.50.106 74.115.50.106	27647 (WEEBLY) (WEEBLY)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	52.43.249.183 52.43.249.183	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	74.115.50.109 74.115.50.109	27647 (WEEBLY) (WEEBLY)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.224.96.55 13.224.96.55	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	13.224.96.124 13.224.96.124	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.201.89.61 52.201.89.61	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	13.224.96.67 13.224.96.67	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	13.224.96.118 13.224.96.118	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
4	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
195	36

31 199.34.228.75 (United States) 1 redirects

ASN27647 (WEEBLY, US)
PTR: pages-custom-27.weebly.com

harrypottercamps.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.harrypottercamps.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a04:4e42:3::302 (United States)

ASN54113 (FASTLY, US)

cdn2.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-promote.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 74.120.127.135 (United States)

ASN53804 (ACTIVE-ASN1, US)

emarketing.activenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:9db (United States)

ASN13335 (CLOUDFLARENET, US)

www.activityhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.activityhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.activityhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 44.237.245.63 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-245-63.us-west-2.compute.amazonaws.com

track.freecallinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.115.50.106 (United States)

ASN27647 (WEEBLY, US)
PTR: promote.weebly.com

promote.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.43.249.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-249-183.us-west-2.compute.amazonaws.com

ec.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.115.50.109 (United States)

ASN27647 (WEEBLY, US)
PTR: www.weebly.com

www.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-55.zrh50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-124.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.89.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-89-61.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-67.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-118.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	harrypottercamps.org 1 redirects harrypottercamps.org www.harrypottercamps.org	4 MB
27	editmysite.com cdn2.editmysite.com ec.editmysite.com	534 KB
18	activityhero.com www.activityhero.com static.activityhero.com images.activityhero.com	1 MB
14	weebly.com cdn-promote.weebly.com promote.weebly.com www.weebly.com	443 KB
13	activenetwork.com emarketing.activenetwork.com	39 KB
10	freecallinc.com track.freecallinc.com	61 KB
10	googleapis.com fonts.googleapis.com ajax.googleapis.com	67 KB
8	facebook.net connect.facebook.net	366 KB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	125 KB
6	googletagmanager.com www.googletagmanager.com	237 KB
6	gstatic.com fonts.gstatic.com	135 KB
5	facebook.com www.facebook.com	561 B
4	nr-data.net bam.nr-data.net	930 B
4	google.de www.google.de	300 B
4	google.com www.google.com	761 B
4	doubleclick.net googleads.g.doubleclick.net	5 KB
4	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	84 KB
4	addthis.com s7.addthis.com	381 KB
4	instagram.com 2 redirects www.instagram.com	5 KB
3	googleadservices.com www.googleadservices.com	41 KB
3	google-analytics.com ssl.google-analytics.com www.google-analytics.com	55 KB
2	addthisedge.com v1.addthisedge.com	1 KB
2	newrelic.com js-agent.newrelic.com	23 KB
2	moatads.com z.moatads.com	2 KB
0	Failed function sub() { [native code] }. Failed
195	25

	Domain	Requested by
30	www.harrypottercamps.org	www.harrypottercamps.org ajax.googleapis.com
25	cdn2.editmysite.com	www.harrypottercamps.org cdn2.editmysite.com
13	emarketing.activenetwork.com	www.harrypottercamps.org emarketing.activenetwork.com
10	static.activityhero.com	www.activityhero.com static.activityhero.com
10	track.freecallinc.com	www.harrypottercamps.org track.freecallinc.com
10	cdn-promote.weebly.com	www.harrypottercamps.org cdn-promote.weebly.com promote.weebly.com
8	connect.facebook.net	www.activityhero.com connect.facebook.net
8	fonts.googleapis.com	www.harrypottercamps.org cdn-promote.weebly.com www.activityhero.com
6	www.googletagmanager.com	www.activityhero.com www.googletagmanager.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.activityhero.com	www.harrypottercamps.org www.activityhero.com
5	www.facebook.com	www.activityhero.com www.harrypottercamps.org
4	bam.nr-data.net	js-agent.newrelic.com www.activityhero.com
4	www.google.de	www.activityhero.com
4	www.google.com	www.activityhero.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	s7.addthis.com	www.activityhero.com s7.addthis.com
4	www.instagram.com	2 redirects www.harrypottercamps.org www.instagram.com
3	www.googleadservices.com	www.googletagmanager.com
3	promote.weebly.com	cdn-promote.weebly.com
2	v1.addthisedge.com	s7.addthis.com
2	js-agent.newrelic.com	www.activityhero.com
2	images.activityhero.com	www.activityhero.com
2	z.moatads.com	s7.addthis.com
2	vars.hotjar.com	static.hotjar.com
2	script.hotjar.com	static.hotjar.com
2	heapanalytics.com	www.activityhero.com
2	static.hotjar.com	www.harrypottercamps.org
2	cdn.heapanalytics.com	www.activityhero.com
2	www.google-analytics.com	www.activityhero.com
2	ec.editmysite.com	cdn2.editmysite.com
2	ajax.googleapis.com	www.harrypottercamps.org
1	www.weebly.com	www.harrypottercamps.org
1	ssl.google-analytics.com	www.harrypottercamps.org
1	harrypottercamps.org	1 redirects
0	localhost Failed	www.harrypottercamps.org
195	36

This site contains links to these domains. Also see Links.

Domain
www.demigodlodge.org
digivations.org
campscui.active.com
www.activenetwork.com
www.campdemigod.org
www.digivations.com
xgens.org
www.activityhero.com
www.digivationsxgens.org
digivationsxgens.org
www.xgens.org
www.instagram.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.livechatalternative.com

Subject Issuer	Validity	Valid
www.harrypottercamps.org R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
*.editmysite.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.activenetwork.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
track.freecallinc.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-21` - `2021-11-20`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.weebly.com RapidSSL RSA CA 2018	`2019-10-04` - `2021-12-02`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
ec.editmysite.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
www.weebly.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2022-08-15`	2 years	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.harrypottercamps.org/
Frame ID: 050546DC48EC61FC32B60A809ADCB769
Requests: 105 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: 9A94C2EC7399E04EC37C65C558EADED6
Requests: 1 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Frame ID: C8316FC48557D27A37E34EE1C9A5C31F
Requests: 2 HTTP requests in this frame

Frame: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Frame ID: A33B667B24F70D127FAB0409DAA9FA4F
Requests: 38 HTTP requests in this frame

Frame: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
Frame ID: D4B80D1BE39293AEBC7839B9F8972FA5
Requests: 38 HTTP requests in this frame

Frame: https://promote.weebly.com/leadForm?form_id=e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Frame ID: 23C3686C9E07793CDB153B0C8715B0BE
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 37284061F744E2BA1C01A04093022593
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 2FB50D2A56708C8380A751709BF22B6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DIGIVATIONS CAMP DEMIGOD INSTITUTE - OVERNIGHT CAMP HALF-BLOOD! HARRY POTTER CAMPS!

Page URL History Show full URLs

https://harrypottercamps.org/ HTTP 301
https://www.harrypottercamps.org/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

195
Requests

98 %
HTTPS

54 %
IPv6

25
Domains

36
Subdomains

36
IPs

2
Countries

8103 kB
Transfer

52869 kB
Size

0
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://www.demigodlodge.org/
Title: Lodge

Search URL Search Domain Scan URL

URL: http://digivations.org/merchandise/
Title: STORE

Search URL Search Domain Scan URL

URL: https://campscui.active.com/orgs/DIGIVATIONSInstitute?previewMode=true#/selectSessions/2956546
Title: In Person (Leavenworth, WA) & Virtual LIVE

Search URL Search Domain Scan URL

URL: https://campscui.active.com/orgs/DIGIVATIONSInstitute#/selectSessions/2656705
Title: Secretariat Applications

Search URL Search Domain Scan URL

URL: https://campscui.active.com/orgs/DIGIVATIONSInstitute
Title: Register Now

Search URL Search Domain Scan URL

URL: http://www.activenetwork.com/
Title: ACTIVE Network

Search URL Search Domain Scan URL

URL: http://www.campdemigod.org/
Title: CAMP DEMIGOD

Search URL Search Domain Scan URL

URL: http://www.digivations.com/campdemigod/campfandom.html
Title: Camp Fandom

Search URL Search Domain Scan URL

URL: http://xgens.org/
Title: XGENS Model United Nations Sustainable Development Goals Academy & Institute

Search URL Search Domain Scan URL

URL: https://campscui.active.com/orgs/DIGIVATIONSInstitute?orglink=camps-registration
Title: APPLY HERE

Search URL Search Domain Scan URL

URL: https://www.activityhero.com/?aht_cam=new-schedule-widget&aht_src=74141
Title: ActivityHero

Search URL Search Domain Scan URL

URL: http://www.digivationsxgens.org/2021xgensdelegationbios.html
Title:

Search URL Search Domain Scan URL

URL: http://digivationsxgens.org/
Title: DIGIVATIONS XGENS

Search URL Search Domain Scan URL

URL: http://www.digivations.com/
Title: DIGIVATIONS

Search URL Search Domain Scan URL

URL: http://www.xgens.org/
Title: REGISTER FOR XGENS MUN PROGRAMS

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B6XtvtppKl8/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cpdemigod/?utm_source=ig_embed&utm_campaign=loading
Title: Camp Demigod | Camp Half-Blood

Search URL Search Domain Scan URL

URL: https://www.activityhero.com/?aht_cam=review-widget&aht_src=74141
Title: ActivityHero

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DEMIGODINSTITUTE/

Search URL Search Domain Scan URL

URL: https://twitter.com/adeaneberman

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/stevenlberman/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/digivations

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cpdemigod/

Search URL Search Domain Scan URL

URL: http://www.digivationsxgens.org/xgensleavenworthwaprogram-307241.html
Title: Model UN Summer Academy

Search URL Search Domain Scan URL

URL: https://www.livechatalternative.com/bnp-paribas-customer-success-story/?source=chatwind&cid=90112&lng=english
Title: bnp paribas customer success story

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://harrypottercamps.org/ HTTP 301
https://www.harrypottercamps.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 70

https://www.instagram.com/p/B6XtvtppKl8/embed/captioned/?cr=1&v=12&wp=555&rd=https%3A%2F%2Fwww.harrypottercamps.org&rp=%2F HTTP 302
https://www.instagram.com/accounts/login/

195 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.harrypottercamps.org/
Redirect Chain

https://harrypottercamps.org/
https://www.harrypottercamps.org/

76 KB
19 KB

578ms
205ms

Document
text/html

199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: Apache /
Resource Hash: 37dd398463ba8e0e0f39165ca66da6e995a6c837bdec07a1411c57d0cb36ee76

Request headers

Host: www.harrypottercamps.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:29 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.harrypottercamps.org language=en; expires=Sat, 11-Sep-2021 07:39:29 GMT; Max-Age=1209600; path=/
Vary: X-W-SSL,Accept-Encoding,User-Agent
Cache-Control: private
ETag: W/"40cb5939888011af4659a0ccfcafcd92-gzip"
Content-Encoding: gzip
X-Host: pages37.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 19226
Keep-Alive: timeout=10, max=58
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 28 Aug 2021 07:39:28 GMT
Server: Apache
Location: https://www.harrypottercamps.org/
Content-Length: 241
Keep-Alive: timeout=10, max=43
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sites.css
cdn2.editmysite.com/css/ 210 KB
29 KB 8ms
5ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d0510d4ca7d7a21836fa8d835b738f49a5f8de52127a6e667ecb58d86553c2f

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 520511
x-cache: HIT, HIT
x-cache-hits: 4, 16
content-encoding: gzip
content-length: 29809
x-served-by: cache-sjc10060-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.291821,VS0,VE0
etag: W/"611c1ce6-3481e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sun, 05 Sep 2021 07:04:18 GMT

GET
H2 200 fancybox.css
cdn2.editmysite.com/css/old/ 4 KB
1 KB 9ms
5ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/old/fancybox.css?1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 164518
x-cache: HIT, HIT
x-cache-hits: 1, 9
content-encoding: gzip
content-length: 1218
x-served-by: cache-sjc10074-SJC, cache-fra19152-FRA
last-modified: Tue, 24 Aug 2021 21:41:43 GMT
server: nginx
x-timer: S1630136369.293882,VS0,VE0
etag: "61256797-f47"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 09 Sep 2021 09:57:31 GMT

GET
H2 200 social-icons.css
cdn2.editmysite.com/css/ 13 KB
2 KB 10ms
6ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ccc021b61a30d53390315ccda8f48dd02576a245b90a9ab8ef0941579d15ed15

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 513903
x-cache: HIT, HIT
x-cache-hits: 1, 9
content-encoding: gzip
content-length: 1639
x-served-by: cache-sjc10066-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.294132,VS0,VE0
etag: W/"611c1ce6-3319"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sun, 05 Sep 2021 08:54:26 GMT

GET
H/1.1 200
OK main_style.css
www.harrypottercamps.org/files/ 74 KB
10 KB 312ms
166ms Stylesheet
text/css 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/files/main_style.css?1625952860
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 9219a758dd50706694f0493cd407f2cbeca35717599c1bd9641c3d57855dd1ef

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:29 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-Host: grn29.sf2p.intern.weebly.net
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type

GET
H2 200 css
fonts.googleapis.com/ 6 KB
652 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

104129370438ceb2eb38a889a4f31ae506e9abae18a6a6e473822e64560f9e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 07:14:26 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
580 B 26ms
22ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cardo:400,700,400italic&subset=latin,latin-ext

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f4ddf7a8871e51c3df13d1e4f127fb577915f1c7475d54a0440bf6384120c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 07:39:28 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
704 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5b175f66cab48e5fc60805a6722c5eecba48428312ae0dcf6dfb211e282d14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 07:27:01 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 754 B
408 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans:400,700&subset=latin,latin-ext

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 07:32:30 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:29 GMT

GET
H2 200 slideshow.css
cdn2.editmysite.com/css/old/slideshow/ 7 KB
2 KB 9ms
5ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 054411e5423615254088341e90d1c49c68e19e016690034b95437499ea18ba87

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 519150
x-cache: HIT, HIT
x-cache-hits: 1, 2
content-encoding: gzip
content-length: 1488
x-served-by: cache-sjc10052-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.294718,VS0,VE0
etag: W/"611c1ce6-1cb9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sun, 05 Sep 2021 07:26:58 GMT

GET
H2 200 mediaelementplayer.css
cdn2.editmysite.com/css/old/ 15 KB
3 KB 12ms
9ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/old/mediaelementplayer.css?buildTime=1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c71fa8e41b45fca8971007afe3707c12131b050c733de806d78431e3c08cde4a

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 695960
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 2929
x-served-by: cache-sjc10028-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.295124,VS0,VE1
etag: W/"611c1ce6-3dd7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 03 Sep 2021 06:20:09 GMT

GET
H/1.1 200
OK templateArtifacts.js Show response
www.harrypottercamps.org/files/ 7 KB
2 KB 486ms
173ms Script
application/x-javascript 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/files/templateArtifacts.js?1625952860
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:29 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-Host: blu27.sf2p.intern.weebly.net
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 14:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Aug 2022 14:19:55 GMT

GET
H2 200 stl.js Show response
cdn2.editmysite.com/js/lang/en/ 169 KB
30 KB 9ms
7ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1625861773&
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad715e74a761040299f114bc3cbb0614529b2a3ce339ad6ea9b738ff140657b5

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 769601
x-cache: HIT, HIT
x-cache-hits: 3, 18
content-encoding: gzip
content-length: 30794
x-served-by: cache-sjc10042-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.295101,VS0,VE0
etag: W/"611c1ce6-2a2eb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 02 Sep 2021 09:52:48 GMT

GET
H2 200 main.js Show response
cdn2.editmysite.com/js/site/ 466 KB
143 KB 11ms
9ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main.js?buildTime=1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba97504b136b447bea2ecc59111ba5a63200d2662f92936d0f7c206492b989d8

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 841397
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 146166
x-served-by: cache-sjc10038-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.295095,VS0,VE1
etag: W/"611c1ce6-74804"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 01 Sep 2021 13:56:12 GMT

GET
H2 200 slideshow-jq.js Show response
cdn2.editmysite.com/js/old/ 40 KB
13 KB 8ms
6ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c9defa51976e3ae85c45b8167e1f46678b14c7d8c54bdda2652d01d0569906a8

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 519995
x-cache: HIT, HIT
x-cache-hits: 1, 2
content-encoding: gzip
content-length: 13244
x-served-by: cache-sjc10027-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.295080,VS0,VE0
etag: W/"611c1ce6-9e0b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sun, 05 Sep 2021 07:12:54 GMT

GET
H2 200 theme-plugins.js Show response
cdn2.editmysite.com/js/site/ 12 KB
4 KB 13ms
12ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/theme-plugins.js?buildTime=1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4f595f154c135e6631df3e3a986a1fdebda177a47a91cbb9e645d37a0e03311

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 772874
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 3744
x-served-by: cache-sjc10028-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136369.295199,VS0,VE1
etag: W/"611c1ce6-314e"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 02 Sep 2021 08:58:15 GMT

GET
H/1.1 200
OK button-v4.css
emarketing.activenetwork.com/res/button/css/ 74 KB
6 KB 611ms
152ms Stylesheet
text/css 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://emarketing.activenetwork.com/res/button/css/button-v4.css

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

7b923d422b294f8631495a0616f703ecb22fd25a974c2e1d57d5a9a2ae089f91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
server-id: 175
Last-Modified: Mon, 24 Sep 2012 18:11:49 GMT
ETag: "80e0ae10809acd1:0"
Vary: Accept-Encoding
Content-Type: text/css
Date: Sat, 28 Aug 2021 07:39:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 4909
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jacobredswordjpg_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 110 KB
110 KB 169ms
165ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/jacobredswordjpg_orig.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 6ecee81944a8f190b62e2fe70d7c46d53cad962a405e3a6aaece2694bf57772d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:29 GMT
X-Storage-Object: 6ecee81944a8f190b62e2fe70d7c46d53cad962a405e3a6aaece2694bf57772d
Last-Modified: Sat, 02 Nov 2019 05:13:25 GMT
Server: nginx
x-amz-request-id: tx0000000000000c3ada050-005fc2cc9a-1317d41-las
ETag: "78470b43f34d40bd54ce0c9b930bba9d"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu48.sf2p.intern.weebly.net
X-Storage-Bucket: z6ece
Accept-Ranges: bytes
Content-Length: 112585

GET
H/1.1 200
OK moonmen.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/published/ 22 KB
22 KB 484ms
167ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/published/moonmen.jpg?1572671863
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 7041121c9e9bb32b2f3bf9add78cacbef874710acf4d753e624787bbde69283b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 7041121c9e9bb32b2f3bf9add78cacbef874710acf4d753e624787bbde69283b
Last-Modified: Sat, 02 Nov 2019 05:17:43 GMT
Server: nginx
x-amz-request-id: tx000000000000070c71a9b-005ff14ea2-15b3dc2-las
ETag: "c12342ff902aaa00769f077b34259df2"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu26.sf2p.intern.weebly.net
X-Storage-Bucket: z7041
Accept-Ranges: bytes
Content-Length: 22189

GET
H/1.1 200
OK hphelenahat.png
www.harrypottercamps.org/uploads/7/2/0/3/72038099/published/ 83 KB
84 KB 498ms
181ms Image
image/png 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/published/hphelenahat.png?1572672112
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 8d2c5346a2a506632e72ab05405660dda3c5ada08987955796776109ef7040ce

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 8d2c5346a2a506632e72ab05405660dda3c5ada08987955796776109ef7040ce
Last-Modified: Sat, 02 Nov 2019 05:21:52 GMT
Server: nginx
x-amz-request-id: tx00000000000001257f552-005fe97221-177c75c-las
ETag: "83991d3391d92334ebbeee7c7311fbe7"
Content-Type: image/png
Connection: keep-alive
X-Host: grn32.sf2p.intern.weebly.net
X-Storage-Bucket: z8d2c
Accept-Ranges: bytes
Content-Length: 85222

GET
H/1.1 200
OK ymuncaroline_1.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 64 KB
65 KB 487ms
169ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/ymuncaroline_1.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 42ba3cd1ed14b4add53475a24aea9f5c2b7b04a189d185ef7dc3c059cba9e8eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 42ba3cd1ed14b4add53475a24aea9f5c2b7b04a189d185ef7dc3c059cba9e8eb
Last-Modified: Tue, 18 Feb 2020 23:14:23 GMT
Server: nginx
x-amz-request-id: tx000000000000001a49696-006128ad1f-a7fc34e-sfo1
ETag: "b81d4068197109fc1c0c9dbbf4ce0e69"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: grn43.sf2p.intern.weebly.net
X-Storage-Bucket: z42ba
Accept-Ranges: bytes
Content-Length: 65619

GET
H/1.1 200
OK yalemun2020collage_1.png
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 485 KB
485 KB 171ms
171ms Image
image/png 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/yalemun2020collage_1.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 6ad3c3bd978c66146c2e999db5973de76af01eefe11698f83ea8a4d5f576883f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 6ad3c3bd978c66146c2e999db5973de76af01eefe11698f83ea8a4d5f576883f
Last-Modified: Tue, 18 Feb 2020 23:17:21 GMT
Server: nginx
x-amz-request-id: tx0000000000000cbf41696-005fcaebe4-1317d41-las
ETag: "e9775ba178d0e806db0fb42e71bf1d4c"
Content-Type: image/png
Connection: keep-alive
X-Host: blu27.sf2p.intern.weebly.net
X-Storage-Bucket: z6ad3
Accept-Ranges: bytes
Content-Length: 496448

GET
H2 200 widget.js Show response
www.activityhero.com/ 5 KB
3 KB 48ms
18ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityhero.com/widget.js?v=1597712261

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3edf3f0d746236ba0b639f0131d5a0a796228e009b451a995fd742100721c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5245
cf-polished: origSize=7631
content-encoding: br
last-modified: Fri, 27 Aug 2021 12:17:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQKf9A%2BFE5GgSU1fgZoYO6z%2BrMV1Y53zY73dOH3%2B3JG61KWalxrQVB2%2FFrpPDk0RQW2EHxFnaC6cxJGtB28BG6zTVyAqUeKV7eY5vyTpSFGVJgQnTvc5OLJvJRHLvhlKvyQu0lXZI%2BgnAK9ec5iTh%2Fcg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 685be2d758d81766-FRA
cf-bgj: minify

GET
H/1.1 200
OK munphotosbetter2021_orig.png
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 285 KB
285 KB 163ms
163ms Image
image/png 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/munphotosbetter2021_orig.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 1e424043529b056c86e62f63a83efb01d9e44eb5428ac5e718e10fce83474ee8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 1e424043529b056c86e62f63a83efb01d9e44eb5428ac5e718e10fce83474ee8
Last-Modified: Wed, 13 Jan 2021 22:53:43 GMT
Server: nginx
x-amz-request-id: tx000000000000142547370-0060454651-131dd7c-las
ETag: "be76aaec687a0b9b75748d0b151a789a"
Content-Type: image/png
Connection: keep-alive
X-Host: blu27.sf2p.intern.weebly.net
X-Storage-Bucket: z1e42
Accept-Ranges: bytes
Content-Length: 291735

GET
H/1.1 200
OK 92131879-10157678675356996-5511001545430269952-n.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/published/ 57 KB
57 KB 169ms
169ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/published/92131879-10157678675356996-5511001545430269952-n.jpg?1598665024
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 102f7062584b92bdd7dfae9bccc4c36baf36d3eed4fcbe0579f86d2964b6d932

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 102f7062584b92bdd7dfae9bccc4c36baf36d3eed4fcbe0579f86d2964b6d932
Last-Modified: Sat, 29 Aug 2020 01:37:04 GMT
Server: nginx
x-amz-request-id: tx0000000000001305fd3e0-00611c6ba5-177c75c-las
ETag: "a84f30b762cfd77c9750fd7258181e36"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu48.sf2p.intern.weebly.net
X-Storage-Bucket: z102f
Accept-Ranges: bytes
Content-Length: 58235

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

14ms
6ms

Script
text/javascript

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 10:10:39 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Sat, 28 Aug 2021 07:39:29 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ash
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 widget.js Show response
www.activityhero.com/ 5 KB
2 KB 19ms
15ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityhero.com/widget.js?v=1597639646

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3edf3f0d746236ba0b639f0131d5a0a796228e009b451a995fd742100721c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5245
cf-polished: origSize=7631
content-encoding: br
last-modified: Fri, 27 Aug 2021 12:17:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBDWc5x3YlE2ySWn%2Fdh1eBLReOE4AfsWsSK5ZYwmlNonNLUxGAt%2FztsMmPBumBsSg33Q7LBVr%2BtY43EBikWyJ2rb9CZm764lyp37vgD2bOyeDSFSyEddycEQhklp4LqAs0pImX5KR0JusoDxIQjAj6I9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 685be2d758ed1766-FRA
cf-bgj: minify

GET
H/1.1 200
OK plugins.js Show response
www.harrypottercamps.org/files/theme/ 75 KB
18 KB 163ms
159ms Script
application/javascript 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/files/theme/plugins.js?1557172909
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: b548f7d3463d55fb324b29d193d98a69dbbeef7348835c01916510410a8abe52

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:29 GMT
Content-Encoding: gzip
X-Storage-Object: b548f7d3463d55fb324b29d193d98a69dbbeef7348835c01916510410a8abe52
Last-Modified: Sat, 11 Apr 2020 16:53:01 GMT
Server: nginx
x-amz-request-id: tx0000000000000000ac1fb-005ea35d1a-10e20e2-las
ETag: W/"d86334c666522e93294216386ef7e57b"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Transfer-Encoding: chunked
X-Host: grn43.sf2p.intern.weebly.net
X-Storage-Bucket: zb548

GET
H/1.1 200
OK custom.js Show response
www.harrypottercamps.org/files/theme/ 12 KB
4 KB 171ms
167ms Script
application/javascript 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/files/theme/custom.js?1557172909
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 82b916388ce33d61e0bb3000fe2911bed0c3cf75e09cb31441b6e61816d45159

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:29 GMT
Content-Encoding: gzip
X-Storage-Object: 82b916388ce33d61e0bb3000fe2911bed0c3cf75e09cb31441b6e61816d45159
Last-Modified: Mon, 22 Mar 2021 23:36:36 GMT
Server: nginx
x-amz-request-id: tx0000000000000001da533-0061272ef2-a7fc34e-sfo1
ETag: W/"9a4d3a18190ef2bede26423bb6604dc7"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Transfer-Encoding: chunked
X-Host: blu8.sf2p.intern.weebly.net
X-Storage-Bucket: z82b9

GET
H2 200 main-customer-accounts-site.js Show response
cdn2.editmysite.com/js/site/ 521 KB
155 KB 10ms
6ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c2e001669970d601d4835120e942a8424f03cebeee4d3b1d65b92c573874ed26

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 166439
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 158324
x-served-by: cache-sjc10065-SJC, cache-fra19152-FRA
last-modified: Tue, 24 Aug 2021 21:41:43 GMT
server: nginx
x-timer: S1630136370.820359,VS0,VE1
etag: W/"61256797-82228"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 09 Sep 2021 09:25:30 GMT

GET
H2 200 messenger.js Show response
cdn-promote.weebly.com/js/dist/ 2 KB
1 KB 13ms
9ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/js/dist/messenger.js
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95464d87c9da927b6b130cd8ba56d9701d265fc04753d42caccbd56921c40441

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
content-encoding: gzip
age: 165423
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor7.sf2p.intern.weebly.net
content-length: 1019
x-served-by: cache-sjc10047-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 00:05:18 GMT
server: nginx
x-timer: S1630136370.822189,VS0,VE0
etag: "6126dabe-91b"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 27 Aug 2021 09:42:25 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 11, 516

GET
H2 200 lead-form.js Show response
cdn-promote.weebly.com/js/dist/ 17 KB
6 KB 12ms
8ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/js/dist/lead-form.js
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af35f1bbd141077bbf9bea22bad9c6cb7e6045d51d6dd3978dd3be982d996207

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
content-encoding: gzip
age: 514941
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor2.sf2p.intern.weebly.net
content-length: 5762
x-served-by: cache-sjc10041-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Fri, 20 Aug 2021 01:15:12 GMT
server: nginx
x-timer: S1630136370.833492,VS0,VE0
etag: W/"611f0220-45f9"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Mon, 23 Aug 2021 08:37:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1233, 1974

GET
H/1.1 200
OK freecall.js Show response
track.freecallinc.com/ 30 KB
8 KB 552ms
184ms Script
application/javascript 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.freecallinc.com/freecall.js
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 52fb48940cfe124b9f5c88842435b64e9fa157a985709f2a46ffae1d5f9f3578

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 07:39:30 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Content-Length: 7719
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET cdn.js
localhost/CampTree/assets/ 0
0

GET
H/1.1 200
OK icon-search-sprite.png
www.harrypottercamps.org/files/theme/images/ 2 KB
3 KB 318ms
166ms Image
image/png 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/files/theme/images/icon-search-sprite.png?1625952860
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/files/main_style.css?1625952860
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 7034bddf3d69243d90215b69b70ba9272ae4f8f6ae8fafc9a793f6f395c0c8c9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/files/main_style.css?1625952860
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/files/main_style.css?1625952860
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 7034bddf3d69243d90215b69b70ba9272ae4f8f6ae8fafc9a793f6f395c0c8c9
Last-Modified: Mon, 11 May 2020 09:58:34 GMT
Server: nginx
x-amz-request-id: tx0000000000000001dbf2e-0061272f07-a802f44-sfo1
ETag: "831b1b2ab50556518254f00d561a6ed5"
Content-Type: image/png; charset=binary
Connection: keep-alive
X-Host: blu8.sf2p.intern.weebly.net
X-Storage-Bucket: z7034
Accept-Ranges: bytes
Content-Length: 2403

GET
H/1.1 200
OK aerial_video__656.jpg
www.harrypottercamps.org/uploads/b/72038099-456397320103264910/ 304 KB
304 KB 447ms
159ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/b/72038099-456397320103264910/aerial_video__656.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 63a5a5a019fbb4f189fd914c0c1f85efcc17d45430fb28f1b88278185abdee99

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: 63a5a5a019fbb4f189fd914c0c1f85efcc17d45430fb28f1b88278185abdee99
Last-Modified: Mon, 10 Feb 2020 00:19:13 GMT
Server: nginx
x-amz-request-id: tx000000000000181caffd8-00611535aa-15b3dc2-las
ETag: "cc05cc0c3a8a2e5b93114fdceecf1dc2"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: grn43.sf2p.intern.weebly.net
X-Storage-Bucket: z63a5
Accept-Ranges: bytes
Content-Length: 311223

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 34 KB
35 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.harrypottercamps.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 01:34:40 GMT
x-content-type-options: nosniff
age: 108289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35284
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 01:34:40 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v17/ 26 KB
26 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v17/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb1f52007251aecad20fbb2152f9818653a595882dc03ac8830d02502cb19ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.harrypottercamps.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 16:22:09 GMT
x-content-type-options: nosniff
age: 55040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26828
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:01:14 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 16:22:09 GMT

GET
H2 200 messenger-container.css
cdn-promote.weebly.com/css/ 11 KB
2 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/css/messenger-container.css
Requested by: Host: cdn-promote.weebly.com
URL: https://cdn-promote.weebly.com/js/dist/messenger.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9aa24e9737d9716c94f4459166d798310d5b526b478c30fc3e302793c26adbeb

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
content-encoding: gzip
age: 164503
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor2.sf2p.intern.weebly.net
content-length: 1340
x-served-by: cache-sjc10072-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 00:05:00 GMT
server: nginx
x-timer: S1630136370.851613,VS0,VE0
etag: W/"6126daac-2cf1"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Fri, 27 Aug 2021 09:57:46 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 634

GET
H2 200 lead-form-container.css
cdn-promote.weebly.com/css/ 12 KB
2 KB 6ms
5ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/css/lead-form-container.css
Requested by: Host: cdn-promote.weebly.com
URL: https://cdn-promote.weebly.com/js/dist/lead-form.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: efbdedfd2b2a291e7c90fbcdab29c6cfc3473d2d384baaeaee4f0b741f41acfd

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
content-encoding: gzip
age: 518887
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor6.sf2p.intern.weebly.net
content-length: 2019
x-served-by: cache-sjc10055-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Fri, 20 Aug 2021 01:15:01 GMT
server: nginx
x-timer: S1630136370.852929,VS0,VE0
etag: W/"611f0215-3140"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Mon, 23 Aug 2021 07:31:23 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1318

GET
H/1.1 200
OK e60bb2b7-1e87-4489-979f-eca8fc6cdb73 Show response
promote.weebly.com/leadForm/ 2 KB
3 KB 536ms
208ms XHR
application/json 74.115.50.106
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://promote.weebly.com/leadForm/e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Requested by: Host: cdn-promote.weebly.com
URL: https://cdn-promote.weebly.com/js/dist/lead-form.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.106 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: promote.weebly.com
Software: nginx /
Resource Hash: 5cc7ba6051f81a0eb6d15b1135d1603e813d45b7b360bd4a0f65e81809997e93

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
Server: nginx
X-Orchestra: 547b3a5a4619c534efc1e5488ab3776ef085d2c3
Transfer-Encoding: chunked
P3P: CP: IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Host: teditor3.sf2p.intern.weebly.net
X-Conductor: cb2af82f7a4c684365f8947ba3fa4393abdb43d8
Connection: keep-alive
Content-Type: application/json
X-W-DC: SFO

OPTIONS
H/1.1 200
OK e60bb2b7-1e87-4489-979f-eca8fc6cdb73
promote.weebly.com/leadForm/ Frame 0
0 548ms
223ms Preflight
text/html 74.115.50.106
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://promote.weebly.com/leadForm/e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Protocol: HTTP/1.1
Server: 74.115.50.106 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: promote.weebly.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://www.harrypottercamps.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: accept, content-type, x-xsrf-token, x-csrf-token, x-requested-with
X-Host: teditor3.sf2p.intern.weebly.net
P3P: CP: IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
X-Orchestra: 547b3a5a4619c534efc1e5488ab3776ef085d2c3
X-Conductor: cb2af82f7a4c684365f8947ba3fa4393abdb43d8
Date: Sat, 28 Aug 2021 07:39:30 GMT
X-W-DC: SFO

GET
H3-29 200 css
fonts.googleapis.com/ 705 B
372 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla

Requested by

Host: cdn-promote.weebly.com
URL: https://cdn-promote.weebly.com/css/lead-form-container.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ce5ea21759f6438096fe0508507ef203dd3d5125b1528c1b635310fef9dab9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn-promote.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:16:07 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:29 GMT

GET
H2 200 long_blue_medium.png
cdn-promote.weebly.com/img/messenger/ 3 KB
3 KB 6ms
5ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-promote.weebly.com/img/messenger/long_blue_medium.png
Requested by: Host: cdn-promote.weebly.com
URL: https://cdn-promote.weebly.com/css/messenger-container.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b44f1bf6e308efb23c9b79ee8472309161131ced8174eae0d140d43effe56e8

Request headers

Referer: https://cdn-promote.weebly.com/css/messenger-container.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 234655
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor2.sf2p.intern.weebly.net
content-length: 2582
x-served-by: cache-sjc10071-SJC, cache-fra19152-FRA
last-modified: Tue, 24 Aug 2021 17:11:03 GMT
server: nginx
x-timer: S1630136370.878886,VS0,VE0
etag: "61252827-a16"
x-cache-hits: 2, 2
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 26 Aug 2021 14:28:35 GMT

GET cdn.js
localhost/CampTree/assets/ 0
0

GET
H/1.1 200
OK btn-g201-left.png
emarketing.activenetwork.com/res/button/images/ 3 KB
4 KB 155ms
155ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emarketing.activenetwork.com/res/button/images/btn-g201-left.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

8e4193bfd80a6be58d377880f2c2605216fe9c696e19c17f0672af4e6e9ef4b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emarketing.activenetwork.com/res/button/css/button-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 178
Last-Modified: Tue, 08 Nov 2011 22:45:04 GMT
ETag: "09843e689ecc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:32 GMT
Accept-Ranges: bytes
Content-Length: 2994
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g201-right.png
emarketing.activenetwork.com/res/button/images/ 9 KB
10 KB 313ms
157ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emarketing.activenetwork.com/res/button/images/btn-g201-right.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

52d34439251a70a9748fc4cc2cd0b1b748f396a0fec69d3cebfecf91e47fdbd2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emarketing.activenetwork.com/res/button/css/button-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 173
Last-Modified: Wed, 09 Nov 2011 00:50:23 GMT
ETag: "80f1ef8f799ecc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:33 GMT
Accept-Ranges: bytes
Content-Length: 9583
X-XSS-Protection: 1; mode=block

GET cdn.js
localhost/CampTree/assets/ 0
0

GET
H2 200 play-icon.png
cdn2.editmysite.com/images/util/videojs/ 3 KB
4 KB 8ms
7ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/util/videojs/play-icon.png?1625861773
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64c766443a2a39e78f6ac184a19545d6b7bbee0b0ebd0c3471b51cbfad5fffd0

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish
age: 177389
x-guploader-uploadid: ADPycdvSRvwARGNt555Svy0mt7m78wUlRPDGk9q2Od0J0rbYcLOZcX7wyJyHZinl7pysCU2Tw4mEFFskN6SdL-_-xsgsPKIAfw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
content-length: 3434
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 19:36:52 GMT
server: UploadServer
x-timer: S1630136370.953227,VS0,VE0
etag: "22d7478d7d87858ddc07bec0d2d15af2"
x-goog-hash: crc32c=jhQo6Q==, md5=ItdHjX2HhY3cB77A0tFa8g==
x-goog-generation: 1495741012858797
access-control-allow-origin: *
expires: Sun, 29 Aug 2021 06:23:01 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 3434
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H/1.1 200
OK 41889939_671938836533431_8247257757203572867_n_444.jpg
www.harrypottercamps.org/uploads/b/72038099-456397320103264910/ 67 KB
68 KB 166ms
165ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/b/72038099-456397320103264910/41889939_671938836533431_8247257757203572867_n_444.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: f0bc8c3b2f60f746aa104f2466a125f67f89272d674eaeae6d3427eace06c993

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: f0bc8c3b2f60f746aa104f2466a125f67f89272d674eaeae6d3427eace06c993
Last-Modified: Fri, 28 Dec 2018 01:08:37 GMT
Server: nginx
x-amz-request-id: tx00000000000003a180935-006012a257-177c75c-las
ETag: "70769039989427c2976907e46c25fda7"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu19.sf2p.intern.weebly.net
X-Storage-Bucket: zf0bc
Accept-Ranges: bytes
Content-Length: 68994

GET
H/1.1 200
OK btn-g206-left.png
emarketing.activenetwork.com/res/button/images/ 5 KB
6 KB 529ms
296ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emarketing.activenetwork.com/res/button/images/btn-g206-left.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

01f5a97da992d4edb953be33bbfe3dcce7b308f30afcad1b55ef41a6c58cc859

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emarketing.activenetwork.com/res/button/css/button-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 177
Last-Modified: Thu, 10 Nov 2011 21:20:23 GMT
ETag: "805948eee9fcc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:32 GMT
Accept-Ranges: bytes
Content-Length: 5566
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g206-right.png
emarketing.activenetwork.com/res/button/images/ 13 KB
14 KB 424ms
160ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emarketing.activenetwork.com/res/button/images/btn-g206-right.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

eb85fc494884c19e75ea6b43383d36bef5b0dca2e090a2ec39363842dfbdf692

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emarketing.activenetwork.com/res/button/css/button-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 174
Last-Modified: Thu, 10 Nov 2011 21:20:23 GMT
ETag: "805948eee9fcc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:33 GMT
Accept-Ranges: bytes
Content-Length: 13370
X-XSS-Protection: 1; mode=block

GET
H3-29 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700&subset=latin,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.harrypottercamps.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:53:57 GMT
x-content-type-options: nosniff
age: 330332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 11:53:57 GMT

GET
H2 200 wsocial.woff
cdn2.editmysite.com/fonts/wSocial/ 3 KB
3 KB 6ms
5ms Font
application/font-woff 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1629232233483
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df

Request headers

Origin: https://www.harrypottercamps.org
Referer: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 841820
x-cache: HIT, HIT
x-cache-hits: 2, 3735
content-length: 2636
x-served-by: cache-sjc10036-SJC, cache-fra19148-FRA
last-modified: Tue, 17 Aug 2021 20:32:37 GMT
server: nginx
x-timer: S1630136370.943643,VS0,VE0
etag: "611c1ce5-a4c"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 01 Sep 2021 13:49:09 GMT

GET
H3-29 200 wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v14/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v14/wlp_gwjKBV1pqhv43IE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700,400italic&subset=latin,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

642d97daf5734304f14a112f401f96397bdd3ff2a828903bc251135ff18e83bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.harrypottercamps.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:08:54 GMT
x-content-type-options: nosniff
age: 178235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 06:08:54 GMT

GET cdn.js
localhost/CampTree/assets/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2794
date: Sat, 28 Aug 2021 06:52:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 28 Aug 2021 08:52:56 GMT

GET
H2 200 snowday262.js Show response
cdn2.editmysite.com/js/wsnbn/ 73 KB
25 KB 6ms
6ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 770807
x-cache: HIT, HIT
x-cache-hits: 1, 63363
content-encoding: gzip
content-length: 25723
x-served-by: cache-sjc10068-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136370.173182,VS0,VE0
etag: W/"611c1ce6-124fe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 02 Sep 2021 09:32:42 GMT

GET
H2 200 player_icons.png
cdn2.editmysite.com/images/old/mediaelement/ 6 KB
7 KB 6ms
6ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/old/mediaelement/player_icons.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/old/mediaelementplayer.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 221d22fbaf8d8fe3ce074f7bf50102a668768202dd309658ecec7ab9891c865e

Request headers

Referer: https://cdn2.editmysite.com/css/old/mediaelementplayer.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
via: 1.1 varnish
age: 256
x-guploader-uploadid: ADPycdsRHt9Opcux3I0oXOuNJI0KTHa1FMkqp1mK6D0PLtrgWxgU01A4sWE5N8HxK2Cytt2t_AohcB3FzgoohObqng
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
content-length: 6255
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 18:52:43 GMT
server: UploadServer
x-timer: S1630136370.208811,VS0,VE0
etag: "d03222f4fadab2a45d42e50bd33ef88a"
x-goog-hash: crc32c=q0/uqg==, md5=0DIi9PrasqRdQuUL0z74ig==
x-goog-generation: 1495738363211961
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 07:34:41 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 6255
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 sep.png
cdn2.editmysite.com/images/old/mediaelement/ 1 KB
1 KB 6ms
6ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/old/mediaelement/sep.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/old/mediaelementplayer.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b29d155be41bba9027d045e9961d4b240f03dda60ec22fc148d046032221c903

Request headers

Referer: https://cdn2.editmysite.com/css/old/mediaelementplayer.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
via: 1.1 varnish
age: 65036
x-guploader-uploadid: ADPycdvtq1jriWoYDuxKcIBOxkNXDC3rE-kKoac0of_Recwczcl_ZlD0-ohd0taI7hVpxC45QPfxU4Ac5wFt6u8oDQc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
content-length: 1076
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 18:52:45 GMT
server: UploadServer
x-timer: S1630136370.215472,VS0,VE1
etag: "a8be123cab8a25065a347de848a0915c"
x-goog-hash: crc32c=CMEVCA==, md5=qL4SPKuKJQZaNH3oSKCRXA==
x-goog-generation: 1495738365637413
access-control-allow-origin: *
expires: Mon, 30 Aug 2021 13:35:34 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 1076
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 control_icons.gif
cdn2.editmysite.com/images/old/slideshow/ 187 B
607 B 6ms
5ms Image
image/gif 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/old/slideshow/control_icons.gif
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 00bd643d7b1cd928b72aa4b6d69df8d5838a8f07e26294fda69ab365fa454c3f

Request headers

Referer: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
via: 1.1 varnish
age: 20177
x-guploader-uploadid: ADPycdsaiXvLtLDNJ-xS1XiaSZGm4Niig03DGoK91HXm2-htn3oOQVl6to-wgZ7bbgc4Xhkg_33s48VgTLAadbceNg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
content-length: 187
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 18:53:05 GMT
server: UploadServer
x-timer: S1630136370.223246,VS0,VE0
etag: "88041de02e278ceedcd7de52bcdb8156"
x-goog-hash: crc32c=P9yuOw==, md5=iAQd4C4njO7c195SvNuBVg==
x-goog-generation: 1495738385881388
access-control-allow-origin: *
expires: Sun, 01 Aug 2021 01:56:31 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 187
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 31

GET
H2 200 loading.gif
cdn2.editmysite.com/images/old/ 3 KB
3 KB 6ms
5ms Image
image/gif 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/old/loading.gif
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 37f5bf015ade9651005d72bcfdbb48838014c1c357f848585df731bc7eaff120

Request headers

Referer: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
via: 1.1 varnish
age: 27969
x-guploader-uploadid: ADPycdsgt3WwrpCnQP-VlhDwXL3XXzGbgllESPAhfNx_28qB57bYiVP4JOTiPBUj1Lcxi_MRXddPeZ_LP8GNDXnz67E
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
content-length: 2964
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 18:45:50 GMT
server: UploadServer
x-timer: S1630136370.234068,VS0,VE0
etag: "0b0212ec4e07451700c88a335ebba854"
x-goog-hash: crc32c=F+8alw==, md5=CwIS7E4HRRcAyIozXruoVA==
x-goog-generation: 1495737950396999
access-control-allow-origin: *
expires: Sat, 10 Jul 2021 23:49:59 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 2964
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 39

GET
H/1.1 200
OK campdemigodswords_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 109 KB
109 KB 162ms
161ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/campdemigodswords_orig.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: dd407f8b3e53b5bce97869f6d77dc20d8787dbe5206ebe1b79b02c26b7cac630

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
X-Storage-Object: dd407f8b3e53b5bce97869f6d77dc20d8787dbe5206ebe1b79b02c26b7cac630
Last-Modified: Sun, 02 Dec 2018 10:07:25 GMT
Server: nginx
x-amz-request-id: tx0000000000001d5b22919-0060e6ed30-131dd7c-las
ETag: "63f32897d76461435ae6c28af531d3ca"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: grn19.sf2p.intern.weebly.net
X-Storage-Bucket: zdd40
Accept-Ranges: bytes
Content-Length: 111275

GET
H/1.1 200
OK campgrouplodge_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 111 KB
111 KB 174ms
174ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/campgrouplodge_orig.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: fac9eb638da2f8a40f73d0d78b0be6133e0565ef43bbb1fee0a5b9c83f11956d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: fac9eb638da2f8a40f73d0d78b0be6133e0565ef43bbb1fee0a5b9c83f11956d
Last-Modified: Tue, 18 Feb 2020 23:40:01 GMT
Server: nginx
x-amz-request-id: tx000000000000075173e5c-005ff54ff3-15b3dc2-las
ETag: "66287811364ceae3d805ff7881b4883b"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu27.sf2p.intern.weebly.net
X-Storage-Bucket: zfac9
Accept-Ranges: bytes
Content-Length: 113347

GET
H/1.1 200
OK 20170731-130929_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 285 KB
285 KB 163ms
163ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/20170731-130929_orig.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: a9304eccdc03e3bded20f8e374a90533258d2ce9912f284a5f78f18c182a0e21

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: a9304eccdc03e3bded20f8e374a90533258d2ce9912f284a5f78f18c182a0e21
Last-Modified: Sun, 02 Dec 2018 10:06:59 GMT
Server: nginx
x-amz-request-id: tx000000000000095ed0a2a-006016dfc3-15b3dc2-las
ETag: "bf33b90ab531ff2cfe08f13acccd0fce"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: grn30.sf2p.intern.weebly.net
X-Storage-Bucket: za930
Accept-Ranges: bytes
Content-Length: 291436

GET
H/1.1 200
OK screen-shot-2019-07-15-at-2-59-40-pm_orig.png
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 740 KB
741 KB 169ms
169ms Image
image/png 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/screen-shot-2019-07-15-at-2-59-40-pm_orig.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 2470ddbc8a8e00b2e8df9721c68b22a09a273ae2cc242fef08fe182ddfa65f23

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: 2470ddbc8a8e00b2e8df9721c68b22a09a273ae2cc242fef08fe182ddfa65f23
Last-Modified: Wed, 31 Jul 2019 23:06:43 GMT
Server: nginx
x-amz-request-id: tx00000000000010982400d-0060f03992-177c75c-las
ETag: "870d51893cbfe51f54d525e36b8c2ba8"
Content-Type: image/png
Connection: keep-alive
X-Host: blu26.sf2p.intern.weebly.net
X-Storage-Bucket: z2470
Accept-Ranges: bytes
Content-Length: 757998

GET
H/1.1 200
OK hikingkids_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 293 KB
294 KB 164ms
164ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/hikingkids_orig.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 6973bf1a0b5aa783ef1507f5d77a2e4498a0f588f28becbe67f11571e9790f7d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: 6973bf1a0b5aa783ef1507f5d77a2e4498a0f588f28becbe67f11571e9790f7d
Last-Modified: Sun, 02 Dec 2018 10:56:01 GMT
Server: nginx
x-amz-request-id: tx00000000000015f8ba2fe-0060ee12f9-15b3dc2-las
ETag: "4601c45a1b3a0034900f37ee9abbe676"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu26.sf2p.intern.weebly.net
X-Storage-Bucket: z6973
Accept-Ranges: bytes
Content-Length: 300444

GET
H/1.1 200
OK hike_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 241 KB
242 KB 166ms
166ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/hike_orig.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 03546a37d2a0717f56121329cc62928adfe5e28d2054f380bf6265febbf1dd42

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: 03546a37d2a0717f56121329cc62928adfe5e28d2054f380bf6265febbf1dd42
Last-Modified: Sun, 02 Dec 2018 10:07:29 GMT
Server: nginx
x-amz-request-id: tx0000000000001cf6f597a-0060df752e-131dd7c-las
ETag: "f800da322c4e2d5da4988ba063589cd1"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: grn19.sf2p.intern.weebly.net
X-Storage-Bucket: z0354
Accept-Ranges: bytes
Content-Length: 247192

GET
H2 200 4296.json Show response
www.activityhero.com/widgets/ 325 B
975 B 414ms
397ms XHR
application/json 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityhero.com/widgets/4296.json

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widget.js?v=1597639646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2805ebf2d69532e03ca433d9ae3a02469c4102ecafda0968c42be806169c830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
access-control-request-method: GET
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
access-control-allow-methods: GET
strict-transport-security: max-age=31536000
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 6c8adad0-0eae-440b-b88d-3c7ebab20b1f
x-runtime: 0.008640
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNCAOhrsIGu0sgGXJadpW5w8PByiUTuQ%2FKlHKQ3GIomry0SHWB0FXgtM8IZEwoaJ8EMVBqZ%2FJ%2FxEPlNk4NBg52k1s2%2F2O%2BiIjqqiQnZ4vOgUq5%2BxCbNFfKVPx8XvRuS2X1Nb%2BskfV9mnzI8fWLeH8J4A"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 685be2da1c8ac27c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
pragma: no-cache

GET
H2 200 4002.json Show response
www.activityhero.com/widgets/ 273 B
1 KB 406ms
390ms XHR
application/json 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityhero.com/widgets/4002.json

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widget.js?v=1597639646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

616bb2efce280c7cc242a04ddae86a1ece85d619b9556f795c152bcd4eab464e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
access-control-request-method: GET
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
access-control-allow-methods: GET
strict-transport-security: max-age=31536000
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 4ba01e1c-e840-4104-8a76-132258ed9789
x-runtime: 0.008188
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMaEY%2BAlUEyJCW18ky5JKgsMOu%2Fqh%2BFqMudZrju6sa%2FeV5HQhffrXh9YBrWOKZclTe9Fb8a3FN7jIFZlHL2P%2Fr0%2BKf3hIzOPMqseoSFRzVkZk5nVSKt%2BeDbyirWvKBdFrBin%2BWwqQ2rs%2FJxbGA7qQNyJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 685be2da1c8ec27c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
pragma: no-cache

GET
H3-29

429

/
www.instagram.com/accounts/login/ Frame 9A94
Redirect Chain

https://www.instagram.com/p/B6XtvtppKl8/embed/captioned/?cr=1&v=12&wp=555&rd=https%3A%2F%2Fwww.harrypottercamps.org&rp=%2F
https://www.instagram.com/accounts/login/

0
0

156ms
156ms

Document
text/html

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/accounts/login/

Requested by

Host: www.instagram.com
URL: https://www.instagram.com/embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com https://.facebook.com https://.fbsbx.com; font-src data: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://graphql.instagram.com https://.cdninstagram.com https://api.instagram.com https://i.instagram.com https://.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /accounts/login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.harrypottercamps.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.harrypottercamps.org/

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Sat, 28 Aug 2021 07:39:30 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 46
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 20800
x-ig-origin-region: ash
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
proxy-status: http_request_error; e_clientaddr="AcIgshh87gBn3JYFkuUJTDWsw6ujyhVSuF5gS3fbnzPSLWXm6HdYa5YHXLucX3s4vqc9OdYCDwTSEl9qL2E3c-7m8NhziiyQlpNus6OfFEcMWg"; e_fb_binaryversion="AcKdhbQwQk1wCx6Kfkgkn19afC_iNfHAw7FkAANsB4JLqCtm2PmEykt37FV1qG_BmZlEjWTu7_J4wodSz36ilglpYfkQFs9V8wA"; e_upip="AcINByVx0ZJ7eDQgAx7I9KtIydZLCDLoBbXT4v8MS10RzEtUWEeppWm5QXXkTnjbgeop3wOew_kjCq5xnnu31ROh1sAv9WBgBg"; e_proxy="AcJaVjHZsFjHrByIxNYaEU5WaynbHmGegiS3j1XfG1XhtW61anTfxehHszYqYJc75SBd8NJsnd7gx3JgoV0"; e_fb_builduser="AcKDQQfXGEnLI7rVvNlzUcxINycRysth0jRNKy244ukvvbVHMM48CFjnfPgRbJ30qhI"; e_fb_vipaddr="AcLKS9TQ2FqS-NSPisf5DhhaCaAFVZ9LGw5CcbQvZITwbKfwaooqdkF1lIpBCaW23F6RqkqHOuhdzVuqqiwvuPsFuB-ncDladHqc9DQ", http_request_error; e_clientaddr="AcJgl68GKojZS1xv4oZNdO1LcAIoMIaoFhlZpN-NFk_YcND7xZ4u6hj96ssf0VMEl1wTHdYqksaN9vNrs5ZDKfIdZwrOLQ"; e_fb_binaryversion="AcIEAIkIDU312rUBCC88xjaeEeqwQ1VXcMxOw7fVZg1pfBU-4PTVCxOtEyo3opP6hhiOmsU-FPOYdL3aTplY_aVwtuA7D_3NWgw"; e_upip="AcJ9NDMGnYA_5YP13dmWH16rTfhcFwpjYzUDyC79hrkWDmeFJOPiEYGZybRytqOmx-k6OgoTEHHtPsqNSAR_aezu5fSvGgm9pxuWBnY"; e_proxy="AcKX-uf9aS0Ewykp9wOn-Hfj2SPJJn-wy3paaVCvOgLGJ6ID0FsO6UsZh_EEWIOUl5XaBO40BGgbBo0"; e_fb_builduser="AcIT4hG98-AbPRP-RHxupH754DeHvtaswxIyF7S54VTncUz4Vr_oQLCsTfs-zcRQEvc"; e_fb_vipaddr="AcJx6KjwATJwocw-BxNztGnARhwprIbDs9WUKBEcjnGXkcYG_N1z1hPrziM86cgBKLMRuxia8s1g9eHJ35xdLDBmEFB_0AG-P4grpGg"
priority: u=3,i

Redirect headers

content-type: text/html; charset=utf-8
location: https://www.instagram.com/accounts/login/
vary: Accept-Language, Cookie
content-language: en
date: Sat, 28 Aug 2021 07:39:30 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 46
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 0
x-ig-origin-region: ash
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 206
Partial Content aerial_video__656.mp4
www.harrypottercamps.org/uploads/b/72038099-456397320103264910/ 29 MB
0 170ms
169ms Media
video/mp4 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/uploads/b/72038099-456397320103264910/aerial_video__656.mp4
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: identity;q=1, *;q=0
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: video
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Range: bytes=0-
Referer: https://www.harrypottercamps.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: 4bd2571cffb96874f17739759789a217ea73eafca9c11491d1606338d6706e96
Last-Modified: Mon, 10 Feb 2020 00:19:13 GMT
Server: nginx
x-amz-request-id: tx000000000000002084885-0061293f5c-a803088-sfo1
ETag: "a7aadcc96dd90a7d90c36d0bcc166f50-6"
Connection: keep-alive
Content-Type: video/mp4
Content-Range: bytes 0-46524619/46524620
Cache-Control: max-age=315360000
X-Host: grn25.sf2p.intern.weebly.net
Content-Disposition: attachment
X-Storage-Bucket: z4bd2
Content-Length: 46524620
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 206
Partial Content 41889939_671938836533431_8247257757203572867_n_444.mp4
www.harrypottercamps.org/uploads/b/72038099-456397320103264910/ 5 MB
0 180ms
179ms Media
video/mp4 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/uploads/b/72038099-456397320103264910/41889939_671938836533431_8247257757203572867_n_444.mp4
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: identity;q=1, *;q=0
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: video
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Range: bytes=0-
Referer: https://www.harrypottercamps.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: a4e278e2c7bde881c2b69df4687134357ca1da4f4c3f7db67e5ab98b4ee6cfde
Last-Modified: Fri, 28 Dec 2018 01:08:37 GMT
Server: nginx
x-amz-request-id: tx000000000000065e71171-00603d3d03-177c75c-las
ETag: "c810c6e2edb9d1a9957e0607075772f3-2"
Connection: keep-alive
Content-Type: video/mp4
Content-Range: bytes 0-10532669/10532670
Cache-Control: max-age=315360000
X-Host: grn13.sf2p.intern.weebly.net
Content-Disposition: attachment
X-Storage-Bucket: za4e2
Content-Length: 10532670
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 206
Partial Content harrytheme.mp3
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 100 KB
0 162ms
162ms Media
audio/mpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/harrytheme.mp3
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: identity;q=1, *;q=0
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: audio
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Range: bytes=0-
Referer: https://www.harrypottercamps.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 28 Aug 2021 07:39:32 GMT
X-Storage-Object: 55e5429b442a4e0881bd4992ec5aa89bf6bcff0bcdb5bf851241528969067460
Last-Modified: Wed, 12 Dec 2018 02:16:01 GMT
Server: nginx
x-amz-request-id: tx0000000000000a43c22a9-00602443fa-15b3dc2-las
ETag: "b639e674470dfbc930908763b1e11747"
Content-Type: audio/mpeg
Content-Range: bytes 0-720895/720896
Connection: keep-alive
X-Host: blu13.sf2p.intern.weebly.net
X-Storage-Bucket: z55e5
Content-Length: 720896

POST
H/1.1 200
OK / Show response
www.harrypottercamps.org/ajax/api/JsonRPC/CustomerAccounts/ 348 B
630 B 357ms
183ms XHR
application/json 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harrypottercamps.org/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: Apache /
Resource Hash: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.harrypottercamps.org
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: is_mobile=0; language=en
Connection: keep-alive
Content-Length: 83
Pragma: no-cache
Host: www.harrypottercamps.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://www.harrypottercamps.org/
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.harrypottercamps.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Content-Type: application/json
X-Host: pages54.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=74
Content-Length: 348
X-UA-Compatible: IE=edge,chrome=1

OPTIONS
H2 200 tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame 0
0 182ms
182ms Preflight 52.43.249.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 52.43.249.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-249-183.us-west-2.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.harrypottercamps.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
content-length: 0
access-control-allow-origin: https://www.harrypottercamps.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
ec.editmysite.com/com.snowplowanalytics.snowplow/ 2 B
334 B 185ms
184ms XHR
text/plain 52.43.249.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.249.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-249-183.us-west-2.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.harrypottercamps.org
date: Sat, 28 Aug 2021 07:39:30 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK freecall_trackdiv1.js Show response
track.freecallinc.com/ 63 KB
15 KB 186ms
185ms Script
application/javascript 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.freecallinc.com/freecall_trackdiv1.js?company_id=90112&site_id=86487&js_enabled=1&phpsessid_js=1630136370389c8g94kr6e18nhr7yxx2&is_first_js=1&psid=1630136370389c8g94kr6e18nhr7yxx2|1|||||||&http_referer_js=&title=DIGIVATIONS%20CAMP%20DEMIGOD%20INSTITUTE%20-%20OVERNIGHT%20CAMP%20HALF-BLOOD!%20HARRY%20POTTER%20CAMPS!&uid=&uml=&unm=&cnm=&wixpageTitle=&wixurl=&wixreferer=&enc=UTF-8&plng=en&globid=82451630136370&timestamp=1630136370390
Requested by: Host: track.freecallinc.com
URL: https://track.freecallinc.com/freecall.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2b7124996688777d179d79e6d7ec45edd9a060b641f28609360f77ab8831be62

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 07:39:30 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=5, max=99
Content-Length: 14416
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ Frame C831 82 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:03:46 GMT

GET
H/1.1 200
OK generateVideo.php Show response
www.weebly.com/weebly/apps/ Frame C831 8 KB
8 KB 173ms
173ms Script
application/javascript 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/generateVideo.php?source=weebly&output=js&elementid=914510340858655771&user=72038099&ineditor=0&align=center&margintop=10px&marginbottom=10px&downloadable=1&height=366&video=b/72038099-456397320103264910/my_movie_4_250.mp4&image=b/72038099-456397320103264910/my_movie_4_250.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: d1c1681cf607c7105a3e66a550753566545a8b7936464eba3479ac83219e242d

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
Server: Apache
Vary: User-Agent
Content-Type: application/javascript
X-W-DC: SFO
Transfer-Encoding: chunked
X-Host: editor10.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=69
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK icon_close.png
track.freecallinc.com/images/ 332 B
737 B 188ms
186ms Image
image/png 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.freecallinc.com/images/icon_close.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 22cbc9b0d4be5feed5f7c1f64cd75a7021b02811a58b1b6b25609c11053e6012

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
Last-Modified: Thu, 16 Oct 2014 10:00:31 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "14c-5058751950dc0"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Content-Length: 332

GET
H/1.1 200
OK icon_restore.png
track.freecallinc.com/images/ 187 B
591 B 371ms
182ms Image
image/png 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.freecallinc.com/images/icon_restore.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2ed4b43e4c9ea109492d70d2eb431564a33018c1e4ae2b43058b7d9914729aff

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:30 GMT
Last-Modified: Thu, 16 Oct 2014 10:00:37 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "bb-5058751f09b40"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Content-Length: 187

GET
H/1.1 200
OK callnow.png
track.freecallinc.com/voip/images/ 7 KB
7 KB 551ms
182ms Image
image/png 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.freecallinc.com/voip/images/callnow.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0768b8499fc3a1c510ffb342ac26b266a8b2a922c30a086adc67cde26de02dc9

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
Last-Modified: Wed, 28 Sep 2016 08:57:49 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1a99-53d8d8e3b8d17"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 6809

GET
H/1.1 200
OK chatnow.png
track.freecallinc.com/voip/images/ 8 KB
8 KB 553ms
182ms Image
image/png 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.freecallinc.com/voip/images/chatnow.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6d4fd4d398c720bb009dc83e9433e13487532f182569533cf7e222cecfe5f176

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
Last-Modified: Sat, 04 Jun 2016 08:21:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1fae-5346f856bc500"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=96
Content-Length: 8110

GET
H/1.1 200
OK leavemessage.png
track.freecallinc.com/voip/images/ 8 KB
9 KB 556ms
184ms Image
image/png 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.freecallinc.com/voip/images/leavemessage.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0c39401de18899e21b9aed0de8b91ce103ba2c4f667d1fda132a00cfac47bdc3

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
Last-Modified: Wed, 28 Sep 2016 08:57:47 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2146-53d8d8e247ad7"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 8518

GET
H/1.1 200
OK icon_remove.png
track.freecallinc.com/images/ 332 B
738 B 563ms
187ms Image
image/png 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.freecallinc.com/images/icon_remove.png
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 22cbc9b0d4be5feed5f7c1f64cd75a7021b02811a58b1b6b25609c11053e6012

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
Last-Modified: Fri, 17 Oct 2014 13:59:10 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "14c-5059ec4e70780"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 332

GET
H/1.1 200
OK processing.gif
track.freecallinc.com/images/ 9 KB
10 KB 183ms
182ms Image
image/gif 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.freecallinc.com/images/processing.gif
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cecd639ba0bcb25de62b13144e1d2d61d08828df31b9f7184f7bccdc47aecd15

Request headers

Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
Last-Modified: Tue, 25 Jul 2017 10:33:06 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "24d3-55521db616cbd"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5, max=99
Content-Length: 9427

GET
H/1.1 200
OK btn-g201-left.png
emarketing.activenetwork.com/res/button/images/ 3 KB
0 155ms
155ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g201-left.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

8e4193bfd80a6be58d377880f2c2605216fe9c696e19c17f0672af4e6e9ef4b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 178
Last-Modified: Tue, 08 Nov 2011 22:45:04 GMT
ETag: "09843e689ecc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:32 GMT
Accept-Ranges: bytes
Content-Length: 2994
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g201-right.png
emarketing.activenetwork.com/res/button/images/ 9 KB
0 313ms
157ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g201-right.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

52d34439251a70a9748fc4cc2cd0b1b748f396a0fec69d3cebfecf91e47fdbd2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 173
Last-Modified: Wed, 09 Nov 2011 00:50:23 GMT
ETag: "80f1ef8f799ecc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:33 GMT
Accept-Ranges: bytes
Content-Length: 9583
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g206-left.png
emarketing.activenetwork.com/res/button/images/ 5 KB
0 529ms
296ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g206-left.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

01f5a97da992d4edb953be33bbfe3dcce7b308f30afcad1b55ef41a6c58cc859

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 177
Last-Modified: Thu, 10 Nov 2011 21:20:23 GMT
ETag: "805948eee9fcc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:32 GMT
Accept-Ranges: bytes
Content-Length: 5566
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g206-right.png
emarketing.activenetwork.com/res/button/images/ 13 KB
0 424ms
160ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g206-right.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

eb85fc494884c19e75ea6b43383d36bef5b0dca2e090a2ec39363842dfbdf692

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 174
Last-Modified: Thu, 10 Nov 2011 21:20:23 GMT
ETag: "805948eee9fcc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:33 GMT
Accept-Ranges: bytes
Content-Length: 13370
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK deskgod.woff2
track.freecallinc.com/widget_modern/css/font2/ 2 KB
2 KB 574ms
191ms Font
application/octet-stream 44.237.245.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.freecallinc.com/widget_modern/css/font2/deskgod.woff2
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.245.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-245-63.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ddc2f6a2bb705e6be21afb36c3f983d9e216a6e34d4e7c0dc7a0c05a7dc9e730

Request headers

Origin: https://www.harrypottercamps.org
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
Last-Modified: Tue, 04 Dec 2018 11:17:27 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "814-57c30691a6fa1"
P3P: policyref="/w3c/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2068

GET
H/1.1 200
OK my_movie_4_250.jpg
www.harrypottercamps.org/uploads/b/72038099-456397320103264910/ 224 KB
224 KB 164ms
163ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/b/72038099-456397320103264910/my_movie_4_250.jpg
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 81b6b686799b22f7e098c173dd1d2c4e634cb763e3f7d4dac06e809fff31ed45

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:32 GMT
X-Storage-Object: 81b6b686799b22f7e098c173dd1d2c4e634cb763e3f7d4dac06e809fff31ed45
Last-Modified: Mon, 03 May 2021 02:20:16 GMT
Server: nginx
x-amz-request-id: tx00000000000018697214a-00608f6440-131dd7c-las
ETag: "fcfb11c3474b375ec742a06a24b28958"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu8.sf2p.intern.weebly.net
X-Storage-Bucket: z81b6
Accept-Ranges: bytes
Content-Length: 229072

GET
H2 200 play-icon.png
cdn2.editmysite.com/images/util/videojs/ 3 KB
4 KB 6ms
6ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/util/videojs/play-icon.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64c766443a2a39e78f6ac184a19545d6b7bbee0b0ebd0c3471b51cbfad5fffd0

Request headers

Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 varnish
age: 200682
x-guploader-uploadid: ADPycds7KjNMxyWAYeknR14VHmtURI7jvW7udX-6-JAIDsdkJGWDSUsx-JRO8JvjxjB6ZcMjWO90uNduD5n0_gpFO4ZeYVrryw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
content-length: 3434
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 19:36:52 GMT
server: UploadServer
x-timer: S1630136371.137547,VS0,VE0
etag: "22d7478d7d87858ddc07bec0d2d15af2"
x-goog-hash: crc32c=jhQo6Q==, md5=ItdHjX2HhY3cB77A0tFa8g==
x-goog-generation: 1495741012858797
access-control-allow-origin: *
expires: Sat, 28 Aug 2021 23:54:49 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 3434
accept-ranges: bytes
content-type: image/png
x-cache-hits: 3

GET
H2 200 267447_4_0.woff
cdn2.editmysite.com/fonts/Proxima-Light/ 81 KB
82 KB 6ms
6ms Font
application/font-woff 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Proxima-Light/267447_4_0.woff?123597
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e1fc6b6ed76b920de3c74bf0905d090d2e5a54c0687d06a5d4042641af0ae78c

Request headers

Origin: https://www.harrypottercamps.org
Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 169057
x-cache: MISS, HIT
x-cache-hits: 0, 227
content-length: 83404
x-served-by: cache-sjc10074-SJC, cache-fra19148-FRA
last-modified: Tue, 24 Aug 2021 21:41:42 GMT
server: nginx
x-timer: S1630136371.630287,VS0,VE0
etag: "61256796-145cc"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 09 Sep 2021 08:41:52 GMT

GET
H2 200 74141 Show response
www.activityhero.com/widgets/review/ Frame A33B 90 KB
27 KB 745ms
745ms Document
text/html 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widget.js?v=1597639646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0202a95505c62c7f2fb6ab1589994d5d3be3616aec971169356da3abe8d01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.activityhero.com
:scheme: https
:path: /widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.harrypottercamps.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.harrypottercamps.org/

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: tid=BAhJIilmZDMwODRmNy03NjY2LTRlYWMtYjg1Ny1mNTRkMDAxMjQ4ODUGOgZFRg%3D%3D--936aa321514830658d59a61250a508108749c2c9; path=/; expires=Wed, 28 Aug 2041 07:39:30 -0000; Secure; SameSite=None aht=%7B%22aht_src%22%3A%2274141%22%2C%22aht_cam%22%3A%22review-widget%22%7D; path=/; expires=Sat, 04 Sep 2021 07:39:30 -0000; Secure; SameSite=None my_coordinates=%7B%22address%22%3A%22Palo+Alto%2C+CA%22%2C%22latitude%22%3A37.441883%2C%22longitude%22%3A-122.143019%2C%22city%22%3A%22Palo+Alto%22%2C%22state%22%3A%22CA%22%2C%22precision%22%3Anull%7D; path=/; Secure; SameSite=None _csrf_token=5LPFFvSEO8%2BBANFhWC76saymrevxdvRs5jUdmYsacDc%3D; path=/; Secure; SameSite=None _kidzexcel_session=VmJHQUd1Y2ZycFRMSTBzWnk2eFQ0MWtkMGpidFF6RXN1amE1RThFOWdOUXhrZzFzUG1VcmNWVWtzam5IN0xKZDE0YmtUY251N3VMdXpIWlF5VEZIUDZPZHQvcldZdCtZckUrQjA4N0xMVXRKUGRUMEJqbkpGZXpOSXRtL3R3bzFlcXJHVFBKQ29rbDRsb01ycDNkUkxCSG16K0xuYml3cHNsWFVCKzJ5RGZPNC93WVErazNMOGhsdXZnQVVWQnlnWVZza2VtNTV5Q0o4L3JnUUF3Z0pWR3FtS3YvZTZhMlZkaHRXMnBCYVRobTJGcDluWWpWRTBvamhYRnZwQU5PUU5uNFY5cnlMRHJOMXZZc3Q3Y0F3TGdQQ3BsaVVsQzdtdEZTaEtaL1g3V3R6S0ZWYTBycExwaHJwWVNLNHRiZXVXWUMrV1h4NHdacmtXODZRQitqeWxFWHFnaExkZGFSbURVa0FrZFc3eGhhczN0NzRJTzJwL2V0YkJBM0p0SFNILS1XVUw1eStQaWhFcGZUQjU5WkFmbFJBPT0%3D--a400ff59dffea578cd4d7d5cf181c43decbe960c; path=/; secure; HttpOnly; SameSite=None
x-request-id: cd848be5-93d3-43d5-8169-5489729f74fb
x-runtime: 0.347172
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NK4R9knpiGOyB3Dlvk7ZNzyrKcOF9pKdVRBRPUWdP7vKHnwKN7TZ47Nam%2BrlU%2Bem%2FzJHzccze8kgpvZcVOk6Sw0lasCRPc9rMrOIvf8IpgeA7Zl%2BVDDCmnYkJCbBWbDFExCXSWViAwCOEeleBnhEjIdT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 685be2dc8f9c1766-FRA
content-encoding: br

GET
H2 200 schedule_with_photo Show response
www.activityhero.com/widgets/ Frame D4B8 53 KB
21 KB 492ms
492ms Document
text/html 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widget.js?v=1597639646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1b6abd77444a684c4dbe1b6b57496dbab71f4ed2a8adb9b3522c9c7a028bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.activityhero.com
:scheme: https
:path: /widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.harrypottercamps.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.harrypottercamps.org/

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: tid=BAhJIik3NjUwOGYwMC02MTVjLTRhYjMtOTI1Yi1lNjQ3M2M4ZjI5OTEGOgZFRg%3D%3D--20de48e3da25585d45fe814b254e7edea9c8472b; path=/; expires=Wed, 28 Aug 2041 07:39:31 -0000; Secure; SameSite=None aht=%7B%22aht_src%22%3A%2274141%22%2C%22aht_cam%22%3A%22new-schedule-widget%22%7D; path=/; expires=Sat, 04 Sep 2021 07:39:31 -0000; Secure; SameSite=None my_coordinates=%7B%22address%22%3A%22Palo+Alto%2C+CA%22%2C%22latitude%22%3A37.441883%2C%22longitude%22%3A-122.143019%2C%22city%22%3A%22Palo+Alto%22%2C%22state%22%3A%22CA%22%2C%22precision%22%3Anull%7D; path=/; Secure; SameSite=None _csrf_token=dAPCNKXMEBjNuWEkNbRx63htARHFaa1r%2BLZPvt%2FIUyE%3D; path=/; Secure; SameSite=None _kidzexcel_session=STRtbS80MTRkb3hTVHVCUXJUdFlBWHJEQmhFeEVVMmlZT0ZrQ1U0eG5RRXFyWTVnakFaeWtKL0UyY0VCNVk2eWVSTVhWcWtqV0RwMThaMmJNVFVpb0pnT0hjdmJzUm1PcEU3SmFmTTJ4WGhyYktaOURHSFNlaTRYR1R5UEREMWMxdnluNm43a25mM2NFRjgwOVpqVmtqR0Q0NXlUWFpCWEFlWWhidk5UY1hhWEV3ZmZZMTF1YnRMV1VGZ2FlcVFsZWlidmMxMjdkalgydkhNcG5sVk4raUN2TC9RZHFBdVJSUlM1amVRRFJwOFIyQVYwRmZLMUNuUjFqa3BjRHYxTTJndnVyRlZlNHNVUHhCVVh0OUNGL1kzN0NwVnh0Q3k0NGxPWDE5Q3ZBU1hpczlIMW1SajM2Y3M0UjNKQklFN3pIc3JKajhxSnA5R0EzelVicTZOVW51aVkyd2N0ZzdlR2ZoNndPbW9rTnZlbUgrNGd1ajBIZTJvNFQ0Ri9GcjJQWGt5Mk9nNUI3VGZoQ3pWWWx6a1lJdz09LS1TRnN2YVg3RkFQQ1hPZ1Zla1NMU093PT0%3D--5c68bf0fa40582b55214083e8f49c3850f2ec7de; path=/; secure; HttpOnly; SameSite=None
x-request-id: 73ec645a-fbb9-46a9-b5bb-940537d321bd
x-runtime: 0.096309
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al0usGr%2F3i12oNqQqUcgdgh%2BhQ3cRbf6Q5UisdIVYKdFWuRKZ5NojJM1P%2FcR3%2FhZKKKixPdN9Z%2BjqQSL6v0uAzZ4UxWZZY1hSaqhdlzosMZdiFNfJPIzze7p18OKi1nPaQ5WEoira92xMfu%2Fqw%2F%2BCwpx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 685be2dcafb11766-FRA
content-encoding: br

GET
H/1.1 200
OK Cookie set leadForm Show response
promote.weebly.com/ Frame 23C3 5 KB
6 KB 536ms
225ms Document
text/html 74.115.50.106
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://promote.weebly.com/leadForm?form_id=e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Requested by: Host: cdn-promote.weebly.com
URL: https://cdn-promote.weebly.com/js/dist/lead-form.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.106 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: promote.weebly.com
Software: nginx /
Resource Hash: 11fe437727e189fee27249755564ba1c4da6edf3b96c249f0b71b86e184e5727

Request headers

Host: promote.weebly.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.harrypottercamps.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.harrypottercamps.org/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Host: teditor3.sf2p.intern.weebly.net
P3P: CP: IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
X-Orchestra: 547b3a5a4619c534efc1e5488ab3776ef085d2c3
X-Conductor: cb2af82f7a4c684365f8947ba3fa4393abdb43d8
Date: Sat, 28 Aug 2021 07:39:31 GMT
Set-Cookie: editor_session=eyJpdiI6IjFaeGVrZmNSeW9SVnFkc1ZTVzhSVWc9PSIsInZhbHVlIjoiU3pZcGdTaFRObTE0QmhxTjA0ZVptYklKVUl6WUVuWUlBeGZWN3VoUDZXcHdleVVMdzExYW8zbnNhbkN4anBGUmc2dkV1Q2I3R0Q0TTIyZDJhaW90N0E9PSIsIm1hYyI6IjdjM2Y0ZTMzYzkzZjc2NDE4NjlmNWJjNWRmYzk0ZWRiMDdmMGYyOWU5ZTI0NGQ4NTJlNWQ4MjM2NGEyYzRkZmQifQ%3D%3D; expires=Sat, 11-Sep-2021 07:39:31 GMT; Max-Age=1209600; path=/; domain=promote.weebly.com; HttpOnly sto-id-trumpet=APBDBOAK; Domain=promote.weebly.com; Path=/
X-W-DC: SFO

GET
H3-29 200 css
fonts.googleapis.com/ Frame D4B8 16 KB
903 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7174ecb763aa8f894af53733c6f30c7ee0018e2389b98e9e05e7b9c6f314c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 05:52:03 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
static.activityhero.com/assets/ Frame D4B8 553 KB
84 KB 34ms
23ms Stylesheet
text/css 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0371859ed106cbba1150504cf6975364fd18a1c290a0de3442901e45b2664fae

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68568
cf-polished: origSize=570085
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Fri, 27 Aug 2021 12:26:47 GMT
server: cloudflare
etag: W/"33322be730f466f143591d054fb98575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxXVOPvT8VsH7wflgeV5qWUfMO9XIF6gMCSzCIyj0pv8VZ39hgHxGQQZSOYTh5ChLlWsBaLGJC6o5RImwhlLo%2Bq4msqVbSPjGnwgVDYiVTaEEzYDklB4uU2EavIrogve8F30Inr94bAPuBevfjrghW4qsLmQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
cf-ray: 685be2e05c691766-FRA
x-amz-cf-id: IeGBhyWJZnJYi1RK4o8UeyqzYr9zwVXC2_mGyHHeEd97idw07FUODQ==
expires: Sat, 27 Aug 2022 18:26:46 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame D4B8 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 181
date: Sat, 28 Aug 2021 07:36:30 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 28 Aug 2021 09:36:30 GMT

GET
H2 200 errortrack-bundle-8af8a42d65a6c3aa55832e487cf8b71c220607c0d3820976f327cd49bdacd8e2.js Show response
static.activityhero.com/assets/ Frame D4B8 27 KB
11 KB 27ms
18ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/errortrack-bundle-8af8a42d65a6c3aa55832e487cf8b71c220607c0d3820976f327cd49bdacd8e2.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af8a42d65a6c3aa55832e487cf8b71c220607c0d3820976f327cd49bdacd8e2

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10980886
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 22 Aug 2019 11:40:08 GMT
server: cloudflare
etag: W/"0ba1165f53490e6daa71e3474f2255f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9XuZviQYmstMwcv2LzttCfJXyuN%2BBdql5H9B4nM70CNWJGARghIcdfxk4E9b%2FPruDmEcFHodhixP1wClYZbWZYSB0lvbVn1PiPwPPmkBC8XtEr5MVkhHtVwEngFnDbzire09azuzdgUGeMF1BZLGTMf0EMZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-amz-cf-pop: SEA19-C3
cf-ray: 685be2e05c6b1766-FRA
x-amz-cf-id: E9hWvULevg0Hk6l_TEYd4CbqYIn_If0vixD74OmieucQOb79ObSavg==
expires: Fri, 21 Aug 2020 17:40:07 GMT

GET
H2 200 early-load-e53eea8c5f3d2763acedd65d0680d12f51c389ed1e61afb2f47c34477e6a996c.js Show response
static.activityhero.com/assets/ Frame D4B8 12 KB
5 KB 28ms
19ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/early-load-e53eea8c5f3d2763acedd65d0680d12f51c389ed1e61afb2f47c34477e6a996c.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e53eea8c5f3d2763acedd65d0680d12f51c389ed1e61afb2f47c34477e6a996c

Request headers

Origin: https://www.activityhero.com
Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
vary: Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10980887
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
last-modified: Thu, 07 Jan 2021 12:07:37 GMT
server: cloudflare
etag: W/"5547ae2f2ef216293417a0d5441fbcd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD%2Fhh99WjzT2UHHuOhmoSiTbiG4xv3DQYXwGC2DKZlY7c1LEbWkhLKWcW5RydGTrCdT0XocCQJg%2Bmqtc401ppIi9id%2B1WCvAedVy2kfklFmpBauStx5Smr2dm1CodA3KY4P5%2BtVBvMXbydn4v6m3iisCeTOw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 07 Jan 2022 18:07:36 GMT
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
cf-ray: 685be2e05bd7c27c-FRA
x-amz-cf-id: bQqCtN0mbIhuhKJDzUXnXrmI6y1RRH19KIqYCQ8IVDBi9-FVxlnqFA==
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D4B8 101 KB
40 KB 35ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21063367-1

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6ad3e5b5770c62edec9808501236e662e8e04ce21fd47d1272ceaaacfbbac94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41159
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame D4B8 353 KB
114 KB 148ms
101ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 28 Aug 2021 07:39:31 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 widget-bundle-da325152c394e4d0e11cfcf9cbcabced5a2bf90c9fa99839234bd5b47490ec6e.js Show response
static.activityhero.com/assets/ Frame D4B8 2 MB
388 KB 40ms
31ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/widget-bundle-da325152c394e4d0e11cfcf9cbcabced5a2bf90c9fa99839234bd5b47490ec6e.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ee1d46fe010bf9aeb102f3d4086b795b34342fa6955db77ddd15fd6c1d4892

Request headers

Origin: https://www.activityhero.com
Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68568
cf-polished: origSize=1730406
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-encoding: br
last-modified: Fri, 27 Aug 2021 12:26:47 GMT
server: cloudflare
etag: W/"a6d62b1b15d8c569c2fa13dedb646544"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMfoG7kzOUIWos%2FB%2BIae4WCdr%2FT%2BaQJSzrMCD%2FrmMt7Vckmj5F%2FZ0UDHbp2Kobi%2BwDdDRkdPkKfZLjOEsLhQgzN%2FcDBerYoN0io8YbrQaUuLOZZRvQt3Kgmkvu%2FSneR5Ke4nACtG4e2QkL%2FP2fPjHiMYGJaj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 27 Aug 2022 18:26:46 GMT
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
cf-ray: 685be2e05bd4c27c-FRA
x-amz-cf-id: Qg9vUjJ7z-8mmZzMv7zYNhkwIpe3UNUXgXvHAEO0KrxnbAI8alK7dQ==
cf-bgj: minify

GET
H/1.1 200
OK icon-search-grey.png
www.harrypottercamps.org/files/theme/images/ 1 KB
2 KB 265ms
161ms Image
image/png 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/files/theme/images/icon-search-grey.png?1625952860
Requested by: Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/files/main_style.css?1625952860
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: e098ea42bde38a242959e0e4751bdbfd1b238ae4188cee3dff4b7475aba84f04

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/files/main_style.css?1625952860
Cookie: is_mobile=0; language=en; _snow_ses.78ae=*; _snow_id.78ae=d9c9b460-39e2-424c-aa61-514db08ce993.1630136370.1.1630136370.1630136370.f6be0405-ffad-4909-bf7b-9d100468ed13; phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2; perm_phpsessid_js_86487=1630136370389c8g94kr6e18nhr7yxx2|1|||||||
Connection: keep-alive
Referer: https://www.harrypottercamps.org/files/main_style.css?1625952860
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:31 GMT
X-Storage-Object: e098ea42bde38a242959e0e4751bdbfd1b238ae4188cee3dff4b7475aba84f04
Last-Modified: Wed, 29 Apr 2020 10:51:32 GMT
Server: nginx
x-amz-request-id: tx00000000000000063a90f-005eaa7741-1100fc6-las
ETag: "83b1c477885a8d1fa9f2ae003cd2c53a"
Content-Type: image/png; charset=binary
Connection: keep-alive
X-Host: grn30.sf2p.intern.weebly.net
X-Storage-Bucket: ze098
Accept-Ranges: bytes
Content-Length: 1255

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame D4B8 105 KB
40 KB 38ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV4G4S

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a84d0ed0540e5ea6d7532dcd0f6e46ca8c8e1a2e661ecb4c387878fe663f838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40678
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 heap-2397865696.js Show response
cdn.heapanalytics.com/js/ Frame D4B8 106 KB
42 KB 100ms
29ms Script
application/javascript 13.224.96.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2397865696.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-55.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6eaede743563af7757c5b202fa1e408edb40fe351e10135833307a9b779279e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:38:04 GMT
content-encoding: gzip
server: nginx
age: 87
etag: W/"1a90d-DCOXepstfPU/Z2644OHXUw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: ZRH50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: 7IHol6usHBO-hO-tEveZgK7oxWhJs2QXvU6tbuBkQ918siL4ExmIrg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame D4B8 99 KB
26 KB 8ms
5ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25996
x-xss-protection: 0
pragma: public
x-fb-debug: BvshAw8mvtb6rGWND6glr2FY+h0C3+6jxspE6WJcYm6zFVRLjAIqm/wpHLxCJL9KB25C8KhhIGJYqMIQpydvSw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 28 Aug 2021 07:39:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 995854240438059 Show response
connect.facebook.net/signals/config/ Frame D4B8 306 KB
87 KB 52ms
51ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/995854240438059?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03fabde8142ce95ceaf2d97bd4300363a867b25b9e80ec1e3fa3bda83b621b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: vVnWCoGb/mzkpgzlf6hc1up6SibHubn0/raJDqFKomETa7EKMVdDfZgh1w7p9YkA2N9EaTgVrSTm9Vrf0ERWtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 28 Aug 2021 07:39:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame D4B8 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.activityhero.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 17:11:08 GMT
x-content-type-options: nosniff
age: 311303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 17:11:08 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame D4B8 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e475bcc15da53b21ab3202ce0b25000c99ef4186a1d86e8ba258ab2cde3fb4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4pFzwbExE5GJntbQImF7TQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: xlLmlP8cjDB37ncSo8fYtf4f4vDp013/uPs0uc37ZubQcs0LtpbXe4W14SwqnFMXRhQOsXwamO+LXkMW2qgfUg==
x-fb-content-md5: ea5dcc44f2a144906f61bc99c4e05877
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 28 Aug 2021 07:39:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "21126183faf21efd85f75328b6d3dc4f"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Aug 2021 07:48:28 GMT

GET
H2 200 fontawesome-webfont.woff2
static.activityhero.com/assets/fonts/ Frame D4B8 55 KB
56 KB 16ms
15ms Font
application/octet-stream 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: static.activityhero.com
URL: https://static.activityhero.com/assets/widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://www.activityhero.com
Referer: https://static.activityhero.com/assets/widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding
vary: Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5245
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-length: 56780
access-control-allow-origin: *
last-modified: Sat, 14 Mar 2015 00:13:41 GMT
server: cloudflare
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN0XAlCtsm2ZZ5oTqSp6Ow3GMAAdxHLNadA%2F15%2FSzopN0ygvOD9AtRWjCwkBT84cjvamDH3YuT0B%2Bjjkhdp26hQc7fuA7bKn2NEZx2Xdipug08GJl6DtIF4qsbpK6xmIu8DFvMfmUlwI6TOQBNhWVbnX4EZb"}],"group":"cf-nel","max_age":604800}
via: 1.1 ef8f66c83aecd87910ce2e1153544a21.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: SEA19-C3
accept-ranges: bytes
cf-ray: 685be2e11ca8c27c-FRA
x-amz-cf-id: 6vSbwhKKCDhs3HiJ6PGNmZ88c0dZqmmC9CCaBmjyrBPrSTGyNGs1-g==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame D4B8 235 KB
68 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e5c830d3d9e3a5ee381e4708f2465167

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ec357056b56ba26a46017e4a7acb990824ed8c1b788daa9279785b30535ae6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.activityhero.com
Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: E0TtvYi3C7TWBmxfa+Rm8A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69781
x-fb-rlafr: 0
x-fb-debug: B7lo7SEEVMticVkG+9pQXa7KcH1fREUkMyDdCxvbZ0MmGh71Z7nFXx5W/HWeSc3e9vpzSr+6Cb2nxj9o6m2dWw==
x-fb-content-md5: 313e51b462fd171dd4bc79b76606fc46
x-frame-options: DENY
date: Sat, 28 Aug 2021 07:39:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "05b09ba0dd0dbf41535a1b6ad4118116"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 28 Aug 2022 06:42:51 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D4B8 36 KB
14 KB 23ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV4G4S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 9441931574288766250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 hotjar-2037533.js Show response
static.hotjar.com/c/ Frame D4B8 5 KB
2 KB 30ms
28ms Script
application/javascript 13.224.96.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2037533.js?sv=6

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-124.zrh50.r.cloudfront.net

Software

Resource Hash

eff4490e2a71f2fec96aec2e1b98f5b579351b921cb14a7aa9c11bca18ffaac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 44
etag: W/a45f3c898b4d777abab8ea5e22f5873b
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: N2pL_7q3a1hOv2TmpWgPmcedIWGNM-D7YOZmIXV1jcEtZLs_ujCGtg==
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame D4B8 97 KB
38 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1003418645&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21063367-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78a73044f86426e071d3aecdc73b2feeb5e787de6aca2850f3b5ef9e438931e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39389
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame D4B8 44 B
297 B 20ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=995854240438059&ev=PageView&dl=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&rl=https%3A%2F%2Fwww.harrypottercamps.org%2F&if=true&ts=1630136371429&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1630136371334&coo=false&rqm=GET

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 h
heapanalytics.com/ Frame D4B8 37 B
259 B 298ms
99ms Image
image/gif 52.201.89.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2397865696&u=2578922673165770&v=5162847287991251&s=5322130541344083&b=web&tv=4.0&z=0&h=%2Fwidgets%2Fschedule_with_photo&q=%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&d=www.activityhero.com&t=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&r=https%3A%2F%2Fwww.harrypottercamps.org%2F&ts=1630136371442&st=1630136371443&ei=141&et=variation

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.89.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-89-61.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3-29 200 status
www.facebook.com/x/oauth/ Frame D4B8 0
0 192ms
191ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.harrypottercamps.org&client_id=170860956325262&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&sdk=joey&wants_cookie_data=false

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activityhero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: xojWYLSpmiRR/S4b8ES2QDfr5JY1OxL5bPApzi/t+LhDwj98p+PC9V/V+HNw4kAnuyc0FnKsdCIH1zPjGNrlew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 28 Aug 2021 07:39:31 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.activityhero.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/ Frame D4B8 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/?random=1630136371453&cv=9&fst=1630136371453&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839ee8c8de84c4c8cb934ce4c023568094302fe556183ab5e7ef8fb723e27a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ Frame D4B8 221 KB
59 KB 30ms
29ms Script
application/javascript 13.224.96.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2037533.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-67.zrh50.r.cloudfront.net

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _zql1V4i4FmQmN-S8oTiYRwqmKcKzIBRL89_fQtHxjaP71khDTa2rQ==

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D4B8 36 KB
14 KB 27ms
27ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003418645&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 9441931574288766250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1003418645/ Frame D4B8 42 B
569 B 40ms
16ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003418645/?random=1630136371453&cv=9&fst=1630134000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=3461351630&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1003418645/ Frame D4B8 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003418645/?random=1630136371453&cv=9&fst=1630134000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=3461351630&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ui-framework-342cfbb220.css
cdn-promote.weebly.com/css/ Frame 23C3 226 KB
31 KB 7ms
6ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/css/ui-framework-342cfbb220.css
Requested by: Host: promote.weebly.com
URL: https://promote.weebly.com/leadForm?form_id=e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d09f6c5de2882d03bbd78547810289ae6a28e8dc005547e21f74af5766946814

Request headers

Referer: https://promote.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
age: 153333
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor2.sf2p.intern.weebly.net
content-length: 31223
x-served-by: cache-sjc10040-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 00:05:00 GMT
server: nginx
x-timer: S1630136371.485856,VS0,VE0
etag: W/"6126daac-38611"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Fri, 27 Aug 2021 13:03:58 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1065

GET
H2 200 lead-form-812b47ac62.css
cdn-promote.weebly.com/css/ Frame 23C3 115 KB
13 KB 10ms
9ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/css/lead-form-812b47ac62.css
Requested by: Host: promote.weebly.com
URL: https://promote.weebly.com/leadForm?form_id=e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 16f6155aa52da29a37a34de21c4aa451efe695a069769c29824ccf191ac6a639

Request headers

Referer: https://promote.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
age: 514548
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor3.sf2p.intern.weebly.net
content-length: 12592
x-served-by: cache-sjc10073-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Fri, 20 Aug 2021 01:15:01 GMT
server: nginx
x-timer: S1630136371.486352,VS0,VE0
etag: W/"611f0215-1cb06"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Mon, 23 Aug 2021 08:43:42 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 142, 2284

GET
H2 200 modernizr.js Show response
cdn-promote.weebly.com/js/vendor/modernizr/ Frame 23C3 45 KB
14 KB 10ms
9ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/js/vendor/modernizr/modernizr.js?547b3a5a4619c534efc1e5488ab3776ef085d2c3
Requested by: Host: promote.weebly.com
URL: https://promote.weebly.com/leadForm?form_id=e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edaed42c4eb8f11559b0b67dba981db2f4d0b655bcf0f00aa1a4ac022f5500ae

Request headers

Referer: https://promote.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
age: 50639
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor1.sf2p.intern.weebly.net
content-length: 14283
x-served-by: cache-sjc10061-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 16:45:39 GMT
server: nginx
x-timer: S1630136371.486344,VS0,VE0
etag: W/"6127c533-b25c"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 28 Aug 2021 17:35:32 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 339

GET
H2 200 common.bundle.9c85468e1887d1350b04.js Show response
cdn-promote.weebly.com/js/dist/ Frame 23C3 1017 KB
296 KB 8ms
7ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/js/dist/common.bundle.9c85468e1887d1350b04.js
Requested by: Host: promote.weebly.com
URL: https://promote.weebly.com/leadForm?form_id=e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db2c96b0920524df970bf06df544cdc2d7862869b559634bc97e6822f2f8c5e9

Request headers

Referer: https://promote.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
age: 166105
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor7.sf2p.intern.weebly.net
content-length: 302876
x-served-by: cache-sjc10053-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 00:05:23 GMT
server: nginx
x-timer: S1630136371.486328,VS0,VE0
etag: W/"6126dac3-fe29e"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 27 Aug 2021 09:31:06 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 14

GET
H2 200 leadform.en.7e6aa84c2713efb7ddf6.js Show response
cdn-promote.weebly.com/js/dist/ Frame 23C3 225 KB
57 KB 10ms
9ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-promote.weebly.com/js/dist/leadform.en.7e6aa84c2713efb7ddf6.js
Requested by: Host: promote.weebly.com
URL: https://promote.weebly.com/leadForm?form_id=e60bb2b7-1e87-4489-979f-eca8fc6cdb73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e9f3c31f983b0a4bb17c50821f79adcac137d64c6b096ce95c222263751572e

Request headers

Referer: https://promote.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
age: 514654
x-cache: HIT, HIT
x-w-dc: SFO
x-host: teditor2.sf2p.intern.weebly.net
content-length: 58541
x-served-by: cache-sjc10040-SJC, cache-fra19152-FRA
access-control-allow-origin: *
last-modified: Fri, 20 Aug 2021 01:15:33 GMT
server: nginx
x-timer: S1630136371.486333,VS0,VE0
etag: W/"611f0235-383a7"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Mon, 23 Aug 2021 08:41:57 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1294, 1698

GET
H3-29 200 css
fonts.googleapis.com/ Frame A33B 16 KB
903 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7174ecb763aa8f894af53733c6f30c7ee0018e2389b98e9e05e7b9c6f314c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:12:33 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
static.activityhero.com/assets/ Frame A33B 553 KB
84 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0371859ed106cbba1150504cf6975364fd18a1c290a0de3442901e45b2664fae

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68568
cf-polished: origSize=570085
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Fri, 27 Aug 2021 12:26:47 GMT
server: cloudflare
etag: W/"33322be730f466f143591d054fb98575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JPfiC4QNtUtyi6XftpFvrHXai03RXsaq6xEuvoSsuaXvR6Vudzate3Pw0YdiS%2BBuh%2BkOom8mAAFMaTRySFrn9FOUpkAnV7UM6S2%2FBAnR0%2FEm6Q5dTrBLnETvL%2FndUK3cyEyPsjGNmh5oCGny%2BjRBQN4%2B2pz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
cf-ray: 685be2e1ce481766-FRA
x-amz-cf-id: IeGBhyWJZnJYi1RK4o8UeyqzYr9zwVXC2_mGyHHeEd97idw07FUODQ==
expires: Sat, 27 Aug 2022 18:26:46 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame A33B 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 181
date: Sat, 28 Aug 2021 07:36:30 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 28 Aug 2021 09:36:30 GMT

GET
H2 200 errortrack-bundle-8af8a42d65a6c3aa55832e487cf8b71c220607c0d3820976f327cd49bdacd8e2.js Show response
static.activityhero.com/assets/ Frame A33B 27 KB
11 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/errortrack-bundle-8af8a42d65a6c3aa55832e487cf8b71c220607c0d3820976f327cd49bdacd8e2.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af8a42d65a6c3aa55832e487cf8b71c220607c0d3820976f327cd49bdacd8e2

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10980886
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 22 Aug 2019 11:40:08 GMT
server: cloudflare
etag: W/"0ba1165f53490e6daa71e3474f2255f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMKhwAi1bMETVr6xj7Qho%2B1XS%2FXaNO0ZRn%2FbhGGjyd8F%2Fz6WPSJSYJWkJUwH%2FoX0UOjQjF%2BM7%2BSamvebwI%2F9SJbSh%2BlFvXh5TefecPvbvpwTtNl2c4csRw6cBll%2FMOzJq838qWZomw7Be4F1DwXLQ2yrl7WP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-amz-cf-pop: SEA19-C3
cf-ray: 685be2e1ce4d1766-FRA
x-amz-cf-id: E9hWvULevg0Hk6l_TEYd4CbqYIn_If0vixD74OmieucQOb79ObSavg==
expires: Fri, 21 Aug 2020 17:40:07 GMT

GET
H2 200 early-load-e53eea8c5f3d2763acedd65d0680d12f51c389ed1e61afb2f47c34477e6a996c.js Show response
static.activityhero.com/assets/ Frame A33B 12 KB
5 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/early-load-e53eea8c5f3d2763acedd65d0680d12f51c389ed1e61afb2f47c34477e6a996c.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e53eea8c5f3d2763acedd65d0680d12f51c389ed1e61afb2f47c34477e6a996c

Request headers

Origin: https://www.activityhero.com
Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
vary: Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10980887
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
last-modified: Thu, 07 Jan 2021 12:07:37 GMT
server: cloudflare
etag: W/"5547ae2f2ef216293417a0d5441fbcd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4OKIFP%2Bh5t6OvWozTdwOSijsfnRC2jS%2FeUmVnB3TlJnXeG5RPvgDtswvhj%2BmL65UCd8cgU6%2BKqwv%2Fa29qjdIE%2FVqiQSg89iOIAw402bdo5w78oikgJW6RbcIEfS61Fa%2FDzJn%2BGh3ISLawjMOElVcq%2FGzrEi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 07 Jan 2022 18:07:36 GMT
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
cf-ray: 685be2e1cd97c27c-FRA
x-amz-cf-id: bQqCtN0mbIhuhKJDzUXnXrmI6y1RRH19KIqYCQ8IVDBi9-FVxlnqFA==
cf-bgj: minify

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame A33B 101 KB
40 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21063367-1

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bce341a55510e554bebd1cd2eec960da76a15addd8ef1df29e983ad0aaeb7405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41162
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame A33B 353 KB
114 KB 38ms
34ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 28 Aug 2021 07:39:31 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 widget-bundle-da325152c394e4d0e11cfcf9cbcabced5a2bf90c9fa99839234bd5b47490ec6e.js Show response
static.activityhero.com/assets/ Frame A33B 2 MB
388 KB 37ms
27ms Script
application/javascript 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/widget-bundle-da325152c394e4d0e11cfcf9cbcabced5a2bf90c9fa99839234bd5b47490ec6e.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ee1d46fe010bf9aeb102f3d4086b795b34342fa6955db77ddd15fd6c1d4892

Request headers

Origin: https://www.activityhero.com
Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68568
cf-polished: origSize=1730406
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-encoding: br
last-modified: Fri, 27 Aug 2021 12:26:47 GMT
server: cloudflare
etag: W/"a6d62b1b15d8c569c2fa13dedb646544"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tapBl5XtgScq1EoooMetwxWN5vMc7RYXuS%2Fkc2uWkFmxE%2BfSVML%2FpZGm23de5pHd77pbyS18squCl8F%2BJQtQhMkGgG%2Bh9KzeuyPDWGsLxx%2FjhfXP91sVME0%2BIXpm5Ni9HAl2d6xVXqTiQldxmS4c6iJGBA%2Ba"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 27 Aug 2022 18:26:46 GMT
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
cf-ray: 685be2e1edabc27c-FRA
x-amz-cf-id: Qg9vUjJ7z-8mmZzMv7zYNhkwIpe3UNUXgXvHAEO0KrxnbAI8alK7dQ==
cf-bgj: minify

GET
H3-29 200 css
fonts.googleapis.com/ Frame 23C3 705 B
372 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla

Requested by

Host: cdn-promote.weebly.com
URL: https://cdn-promote.weebly.com/css/lead-form-812b47ac62.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ce5ea21759f6438096fe0508507ef203dd3d5125b1528c1b635310fef9dab9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn-promote.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:32:32 GMT
server: ESF
date: Sat, 28 Aug 2021 07:39:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 3728 2 KB
1 KB 32ms
29ms Document
text/html 13.224.96.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2037533.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-118.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: uhESADuywzi3JKw_a1Mw4cCyxoUJu0F-v75vnQibajiK2KulLNZnNA==
age: 3568981

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/ Frame D4B8 3 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/?random=1630136371516&cv=9&fst=1630136371516&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cff118dc612c1c109e031198a493dab0dfb2a1c10c9291270ddf9d7f457fc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1146
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame D4B8 2 KB
1 KB 58ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12111
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1003418645/ Frame D4B8 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003418645/?random=1630136371516&cv=9&fst=1630134000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=3831296468&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1003418645/ Frame D4B8 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003418645/?random=1630136371516&cv=9&fst=1630134000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=3831296468&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame A33B 105 KB
40 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV4G4S

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a84d0ed0540e5ea6d7532dcd0f6e46ca8c8e1a2e661ecb4c387878fe663f838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40678
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 heap-2397865696.js Show response
cdn.heapanalytics.com/js/ Frame A33B 106 KB
42 KB 34ms
30ms Script
application/javascript 13.224.96.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2397865696.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-55.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6eaede743563af7757c5b202fa1e408edb40fe351e10135833307a9b779279e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:38:04 GMT
content-encoding: gzip
server: nginx
age: 87
etag: W/"1a90d-DCOXepstfPU/Z2644OHXUw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: ZRH50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: JDp8HwJGZZdPS0t3XN8NAQ08Mup-9Hvzo_3eFXTpXEAgM5N5qT6z5g==

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame A33B 99 KB
25 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25996
x-xss-protection: 0
pragma: public
x-fb-debug: BvshAw8mvtb6rGWND6glr2FY+h0C3+6jxspE6WJcYm6zFVRLjAIqm/wpHLxCJL9KB25C8KhhIGJYqMIQpydvSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 28 Aug 2021 07:39:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame A33B 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.activityhero.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 17:11:08 GMT
x-content-type-options: nosniff
age: 311303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 17:11:08 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame A33B 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e475bcc15da53b21ab3202ce0b25000c99ef4186a1d86e8ba258ab2cde3fb4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4pFzwbExE5GJntbQImF7TQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: xlLmlP8cjDB37ncSo8fYtf4f4vDp013/uPs0uc37ZubQcs0LtpbXe4W14SwqnFMXRhQOsXwamO+LXkMW2qgfUg==
x-fb-content-md5: ea5dcc44f2a144906f61bc99c4e05877
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 28 Aug 2021 07:39:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "21126183faf21efd85f75328b6d3dc4f"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Aug 2021 07:48:28 GMT

GET
H2 200 fontawesome-webfont.woff2
static.activityhero.com/assets/fonts/ Frame A33B 55 KB
56 KB 12ms
12ms Font
application/octet-stream 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activityhero.com/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: static.activityhero.com
URL: https://static.activityhero.com/assets/widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://www.activityhero.com
Referer: https://static.activityhero.com/assets/widget-bundle-cc40d64e87c50c134cb5bf4101199562eeeb9e1008a7fec4df5a3c3e876cceca.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding
vary: Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5245
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-length: 56780
access-control-allow-origin: *
last-modified: Sat, 14 Mar 2015 00:13:41 GMT
server: cloudflare
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoLJLkIdn%2FL5cyjGGn6E4FDVmjxkbkchEds%2F7tgWIbDvOVG%2BhGG5%2F%2FkzEYxtsidq1FLl1oZ%2FctoW1Lc2TWaWrENwicVMIiyjwrbjIwVruJ%2F4PQimI5lX9%2FAg%2FaRyWF1Nrhn%2FSeEpOkvtsZMLmVg0L1oyuvjF"}],"group":"cf-nel","max_age":604800}
via: 1.1 ef8f66c83aecd87910ce2e1153544a21.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: SEA19-C3
accept-ranges: bytes
cf-ray: 685be2e33f52c27c-FRA
x-amz-cf-id: 6vSbwhKKCDhs3HiJ6PGNmZ88c0dZqmmC9CCaBmjyrBPrSTGyNGs1-g==

GET
H2 200 7a28a87c-b33e-4e2b-80c7-5a0ebba484fb.jpeg
images.activityhero.com/user_activity_photo/187/large/ Frame A33B 59 KB
59 KB 38ms
16ms Image
image/jpeg 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.activityhero.com/user_activity_photo/187/large/7a28a87c-b33e-4e2b-80c7-5a0ebba484fb.jpeg
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331ba31d794079907836efac39129c95b59ae3ec43f893b2d148b2bcef5f1f43

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44
cf-polished: degrade=85, origSize=65714
x-cache: Hit from cloudfront
content-length: 60305
last-modified: Sat, 15 May 2021 01:48:02 GMT
server: cloudflare
etag: "661927c0562e2b77d6e62392816c30cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FVCHXNHIBSRRzwjfpl8D7CgfdJlhwnS8aKAIqwcrn%2BSIW0JU3zRY8D3Lkstvt%2B5waHdOtqwPl5aeyV5Ac5ULYQXT7WrdUgE6yTlU%2By5bL2WVrmFU3oX%2FRrBAz49%2B3gDtr%2Fp40jVEV56JEpxZVYJX6sbeDpx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 685be2e368b01766-FRA
x-amz-cf-id: IhS0G63LogofZqAdxe4bQRG9ZCqF7n7u-CztsnivljXl8uVaHjPKVA==
cf-bgj: imgq:85,h2pri

GET
H2 200 e1e1b9cc-1394-4e7d-89bc-cb5805b629b0.png
images.activityhero.com/74141/crop/ Frame A33B 34 KB
34 KB 39ms
18ms Image
image/png 2606:4700:20::681a:9db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.activityhero.com/74141/crop/e1e1b9cc-1394-4e7d-89bc-cb5805b629b0.png
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7909f7ca25f80e35bf4843508a695c621107fe2cab57c69ea4c5878ae26e2e

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44
cf-polished: origSize=35045
x-cache: Hit from cloudfront
content-length: 34516
last-modified: Wed, 03 Jun 2020 07:07:21 GMT
server: cloudflare
etag: "a42e439abca04eccee90012d79a17d33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4AEF6DQzVMiK2PDuAmJ1Y3M0w2PKOLZTYtklTW6ztm2LPnPK7hntQz7VnL1HQSdFtDfFhrjzm8VHn6Qu%2BQeKzbyWYYN7rwPQgpgtg0U1vu3HtR6NIzOPwOS5Oekzrrq3lXnUS1eOcPJgr3Ze4wyyk24Yk7K"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 685be2e358af1766-FRA
x-amz-cf-id: i8pyPTGoMSi2SJ68Hrw3MMsvaxAkLYpOFEJd2KoUQna5ocsZQbO4Ug==
cf-bgj: imgq:85,h2pri

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame A33B 235 KB
68 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e5c830d3d9e3a5ee381e4708f2465167

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ec357056b56ba26a46017e4a7acb990824ed8c1b788daa9279785b30535ae6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.activityhero.com
Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: E0TtvYi3C7TWBmxfa+Rm8A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69781
x-fb-rlafr: 0
x-fb-debug: B7lo7SEEVMticVkG+9pQXa7KcH1fREUkMyDdCxvbZ0MmGh71Z7nFXx5W/HWeSc3e9vpzSr+6Cb2nxj9o6m2dWw==
x-fb-content-md5: 313e51b462fd171dd4bc79b76606fc46
x-frame-options: DENY
date: Sat, 28 Aug 2021 07:39:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "05b09ba0dd0dbf41535a1b6ad4118116"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 28 Aug 2022 06:42:51 GMT

GET
H3-29 200 995854240438059 Show response
connect.facebook.net/signals/config/ Frame A33B 306 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/995854240438059?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03fabde8142ce95ceaf2d97bd4300363a867b25b9e80ec1e3fa3bda83b621b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89295
x-xss-protection: 0
pragma: public
x-fb-debug: vVnWCoGb/mzkpgzlf6hc1up6SibHubn0/raJDqFKomETa7EKMVdDfZgh1w7p9YkA2N9EaTgVrSTm9Vrf0ERWtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 28 Aug 2021 07:39:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame A33B 2 KB
1 KB 18ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12111
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ Frame D4B8 31 KB
12 KB 25ms
9ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: H89KM1RV4S7TFTBC
x-cache: HIT
content-length: 11781
x-amz-id-2: 2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by: cache-fra19164-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1630136372.794211,VS0,VE0
date: Sat, 28 Aug 2021 07:39:31 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7871

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4f88bb2c1c96107d/ Frame D4B8 2 KB
766 B 56ms
55ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4f88bb2c1c96107d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fccadc27e3d9c281e8a1f1fc5cc5d20de53416346b9b176a9a58381449206e8f

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
etag: -208299266--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=14, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 590

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame A33B 97 KB
38 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1003418645&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21063367-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce59d99ac94cd5077c2a58f730caf8f7b89d1cc0cea84daa738d884ac941c042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39388
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame A33B 36 KB
14 KB 33ms
33ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV4G4S

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 9441931574288766250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 hotjar-2037533.js Show response
static.hotjar.com/c/ Frame A33B 5 KB
2 KB 29ms
29ms Script
application/javascript 13.224.96.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2037533.js?sv=6

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-124.zrh50.r.cloudfront.net

Software

Resource Hash

eff4490e2a71f2fec96aec2e1b98f5b579351b921cb14a7aa9c11bca18ffaac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 44
etag: W/a45f3c898b4d777abab8ea5e22f5873b
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: UegkDJmNg5Z0rO4ynF9QxWCgXBa8ApsVZ5FbJHYQJe6gLNQMQeqzDA==
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)

GET
H2 200 h
heapanalytics.com/ Frame A33B 37 B
258 B 99ms
98ms Image
image/gif 52.201.89.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2397865696&u=4365818985870135&v=8753649924025463&s=4919491806863074&b=web&tv=4.0&z=0&h=%2Fwidgets%2Freview%2F74141&q=%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&d=www.activityhero.com&t=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&r=https%3A%2F%2Fwww.harrypottercamps.org%2F&ts=1630136371805&st=1630136371806&ei=141&et=variation

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.89.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-89-61.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK fc756e520c Show response
bam.nr-data.net/1/ Frame D4B8 57 B
278 B 423ms
106ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/fc756e520c?a=1634564&v=1210.e2a3f80&to=IAtWRRNbWwhTExpFXQcDXUUSG0QHXgRRR1gGO09YFVxoFF4OQV0%3D&rst=1154&ck=1&ref=https://www.activityhero.com/widgets/schedule_with_photo&qt=1&ap=95&be=586&fe=1115&dc=711&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1630136370661,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:490,%22rpe%22:583,%22dl%22:496,%22di%22:710,%22ds%22:710,%22de%22:724,%22dc%22:1114,%22l%22:1114,%22le%22:1130%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=iso-8859-1

GET
H3-29 200 /
www.facebook.com/tr/ Frame A33B 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=995854240438059&ev=PageView&dl=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&rl=https%3A%2F%2Fwww.harrypottercamps.org%2F&if=true&ts=1630136371821&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1630136371758&coo=false&rqm=GET

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ Frame A33B 221 KB
59 KB 29ms
29ms Script
application/javascript 13.224.96.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2037533.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-67.zrh50.r.cloudfront.net

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rH2KMLK7fc4FqpuWFHlsU76KWbWP2_d8OKeoc8_iCe5rxj5zR6HM8w==

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/ Frame A33B 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/?random=1630136371838&cv=9&fst=1630136371838&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9b02d8443bc1fdeb02c616dcbf54c5f85d2dc4943cf8133cfc750c950f05d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/ Frame A33B 2 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003418645/?random=1630136371840&cv=9&fst=1630136371840&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2daee089e8124d74a13571e4c9e5245c1aad6280ee04f24ce2a7adb282299552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame D4B8 263 KB
76 KB 33ms
32ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 28 Aug 2021 07:39:31 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1003418645/ Frame A33B 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003418645/?random=1630136371838&cv=9&fst=1630134000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=2218239801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1003418645/ Frame A33B 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003418645/?random=1630136371838&cv=9&fst=1630134000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=2218239801&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1003418645/ Frame A33B 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003418645/?random=1630136371840&cv=9&fst=1630134000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=1101163031&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1003418645/ Frame A33B 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003418645/?random=1630136371840&cv=9&fst=1630134000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=2&url=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&ref=https%3A%2F%2Fwww.harrypottercamps.org%2F&tiba=Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews&async=1&fmt=3&is_vtc=1&random=1101163031&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 2FB5 2 KB
1 KB 28ms
27ms Document
text/html 13.224.96.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2037533.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-118.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: iN9G7-Tq87igehA6jCzV1Mxwv0YPltsd-rAh5VGJD-yYOxJ8ALnTVQ==
age: 3568981

GET
H3-29 200 /
www.facebook.com/tr/ Frame D4B8 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=995854240438059&ev=Microdata&dl=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%3Flocations%3D125432%26show_photos%3Dtrue%26aht_cam%3Dnew-schedule-widget%26aht_src%3D74141%26widget_id%3D4296&rl=https%3A%2F%2Fwww.harrypottercamps.org%2F&if=true&ts=1630136371939&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews%22%2C%22meta%3Adescription%22%3A%22Find%20%26%20book%20kids%20classes%2C%20summer%20camps%2C%20and%20more!%22%2C%22meta%3Akeywords%22%3A%22classes%2C%20summer%20camps%2C%20activities%2C%20kids%2C%20schedules%2C%20reviews%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22Find%20%26%20book%20kids%20classes%2C%20summer%20camps%2C%20and%20more!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Fschedule_with_photo%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&it=1630136371334&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 28 Aug 2021 07:39:31 GMT

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ Frame A33B 31 KB
12 KB 7ms
7ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: H89KM1RV4S7TFTBC
x-cache: HIT
content-length: 11781
x-amz-id-2: 2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by: cache-fra19164-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1630136372.943712,VS0,VE0
date: Sat, 28 Aug 2021 07:39:31 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7872

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4f88bb2c1c96107d/ Frame A33B 2 KB
766 B 55ms
55ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4f88bb2c1c96107d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fccadc27e3d9c281e8a1f1fc5cc5d20de53416346b9b176a9a58381449206e8f

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:31 GMT
content-encoding: gzip
etag: -208299266--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=14, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 590

GET
H/1.1 200
OK fc756e520c Show response
bam.nr-data.net/1/ Frame A33B 57 B
278 B 375ms
106ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/fc756e520c?a=1634564&v=1210.e2a3f80&to=IAtWRRNbWwhTExpFXQcDXUUSG0UBQAhQRQ%3D%3D&rst=1321&ck=1&ref=https://www.activityhero.com/widgets/review/74141&ap=345&be=842&fe=1293&dc=1054&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1630136370649,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:747,%22rpe%22:840,%22dl%22:757,%22di%22:1054,%22ds%22:1054,%22de%22:1072,%22dc%22:1293,%22l%22:1293,%22le%22:1308%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=iso-8859-1

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame A33B 263 KB
76 KB 50ms
50ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 28 Aug 2021 07:39:32 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 /
www.facebook.com/tr/ Frame A33B 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=995854240438059&ev=Microdata&dl=https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%3Faht_cam%3Dreview-widget%26aht_src%3D74141%26widget_id%3D4002&rl=https%3A%2F%2Fwww.harrypottercamps.org%2F&if=true&ts=1630136372323&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Kids%20Classes%2C%20Summer%20Camps%2C%20Schedules%2C%20Reviews%22%2C%22meta%3Adescription%22%3A%22Find%20%26%20book%20kids%20classes%2C%20summer%20camps%2C%20and%20more!%22%2C%22meta%3Akeywords%22%3A%22classes%2C%20summer%20camps%2C%20activities%2C%20kids%2C%20schedules%2C%20reviews%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22Find%20%26%20book%20kids%20classes%2C%20summer%20camps%2C%20and%20more!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.activityhero.com%2Fwidgets%2Freview%2F74141%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&it=1630136371758&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.harrypottercamps.org
URL: https://www.harrypottercamps.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 28 Aug 2021 07:39:32 GMT

GET
H2 200 gradient.png
cdn2.editmysite.com/images/util/videojs/ 1 KB
2 KB 8ms
6ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/util/videojs/gradient.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b78fdb96dc9fcbb2f82ed722043d6c8d28819213cd9795889105da9a81de46a2

Request headers

Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:32 GMT
via: 1.1 varnish
age: 196021
x-guploader-uploadid: ADPycdsArsZCQVTedjrhBu-UU154QtvbNfNDktOyKs-YEfUOq7njB4euVsPW6s_2DCpEdeKPRaOnMU58PFLbozA_IwY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
content-length: 1062
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 19:36:45 GMT
server: UploadServer
x-timer: S1630136373.602847,VS0,VE1
etag: "e3a4510b856d2e6af899829f916aed5c"
x-goog-hash: crc32c=0Ym/PA==, md5=46RRC4VtLmr4mYKfkWrtXA==
x-goog-generation: 1495741005097278
access-control-allow-origin: *
expires: Sun, 29 Aug 2021 01:12:31 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 1062
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 videojs-sacae758aa2.png
cdn2.editmysite.com/sprites/util/ 11 KB
11 KB 9ms
7ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/sprites/util/videojs-sacae758aa2.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 58201b565093ccab0b1e11415734b4b42f3ffafceb8b4a44e7668e3f358ab1c0

Request headers

Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:32 GMT
via: 1.1 varnish, 1.1 varnish
age: 772350
x-cache: HIT, HIT
x-cache-hits: 5, 2
content-length: 10847
x-served-by: cache-sjc10070-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1630136373.603660,VS0,VE0
etag: "611c1ce6-2a5f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 02 Sep 2021 09:07:02 GMT

GET
H2 200 white-bar.png
cdn2.editmysite.com/images/util/videojs/ 3 KB
4 KB 9ms
8ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/util/videojs/white-bar.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2b2c8824698404d2833d5623b7aeebdbf6eb6526198abdacd41cc8ddaeea436f

Request headers

Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:32 GMT
via: 1.1 varnish
age: 195138
x-guploader-uploadid: ADPycdssFj8qwrVKsxl-_a8dx7KOYugkbMqq3UYWoKkIa_IWHInhb5kkXeNGnYL6SFrdHfHZwKX_G4qmaeg6eUlCRXw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
content-length: 3316
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 19:36:59 GMT
server: UploadServer
x-timer: S1630136373.603634,VS0,VE1
etag: "b990be86efb765402df96de07ff676ed"
x-goog-hash: crc32c=+nnfyA==, md5=uZC+hu+3ZUAt+W3gf/Z27Q==
x-goog-generation: 1495741019621301
access-control-allow-origin: *
expires: Sun, 29 Aug 2021 01:27:14 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 3316
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 blue-bar.png
cdn2.editmysite.com/images/util/videojs/ 3 KB
4 KB 9ms
7ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/util/videojs/blue-bar.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8b54f818e5bece1a324c15c4a3139c1db5fe4b1a76427341324feeefe1a893d0

Request headers

Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:32 GMT
via: 1.1 varnish
age: 1674
x-guploader-uploadid: ADPycdsi45h6bX3kg93dmyEQnlSB2UIgbeOVfYzS3Y_yYCuZie00dhO2AzoH6OMKs-WxRbl684EGYzwuqvH7QU8ixw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
content-length: 3318
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 19:36:42 GMT
server: UploadServer
x-timer: S1630136373.603618,VS0,VE0
etag: "cada038924133711192a57d0631ad1d6"
x-goog-hash: crc32c=To5Kmw==, md5=ytoDiSQTNxEZKlfQYxrR1g==
x-goog-generation: 1495741002920740
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 07:06:18 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 3318
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 maximize-icon.png
cdn2.editmysite.com/images/util/videojs/ 1 KB
1 KB 8ms
7ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/util/videojs/maximize-icon.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b1ce93a63801da0846bdc473593648759c87c07fae62f6202272d268fea51937

Request headers

Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:32 GMT
via: 1.1 varnish
age: 2003
x-guploader-uploadid: ADPycdtv1bRjDCYZPvlsFFxqgdE5w_EU1OHIBtNxyOAWuA-G1_-jB8RC5jKNpEym-8sey5-5KZnWwkMnFVE8KiYFKg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
content-length: 1146
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 19:36:47 GMT
server: UploadServer
x-timer: S1630136373.603635,VS0,VE0
etag: "eea250c94c3ef64a203ecca50bd37834"
x-goog-hash: crc32c=MXaHmA==, md5=7qJQyUw+9kogPsylC9N4NA==
x-goog-generation: 1495741007597375
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 07:03:25 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 1146
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 volume-mute.png
cdn2.editmysite.com/images/util/videojs/ 1 KB
1 KB 7ms
6ms Image
image/png 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/util/videojs/volume-mute.png
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cdce5c237cc190649b8430cddfd414440a3f4b72081a6786062f804e659565dd

Request headers

Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1625861773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:32 GMT
via: 1.1 varnish
age: 256917
x-guploader-uploadid: ADPycdtqz6Qls-xivaKa4WjWW_X_7KD0FXbhoxg3rYeknlAAQA_3uSidH8vIua0YV9A-Ys3sQBq44ZizdbBpCwi-8uBS_bPWfg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
content-length: 1179
x-served-by: cache-fra19152-FRA
last-modified: Thu, 25 May 2017 19:36:58 GMT
server: UploadServer
x-timer: S1630136373.603601,VS0,VE0
etag: "5baf4223095c9cbd9975106f31b0885f"
x-goog-hash: crc32c=wvtaCA==, md5=W69CIwlcnL2ZdRBvMbCIXw==
x-goog-generation: 1495741018508427
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 08:17:28 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 1179
accept-ranges: bytes
content-type: image/png
x-cache-hits: 2

GET
H/1.1 200
OK btn-g201-left.png
emarketing.activenetwork.com/res/button/images/ 3 KB
0 155ms
155ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g201-left.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

8e4193bfd80a6be58d377880f2c2605216fe9c696e19c17f0672af4e6e9ef4b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 178
Last-Modified: Tue, 08 Nov 2011 22:45:04 GMT
ETag: "09843e689ecc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:32 GMT
Accept-Ranges: bytes
Content-Length: 2994
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g201-right.png
emarketing.activenetwork.com/res/button/images/ 9 KB
0 313ms
157ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g201-right.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

52d34439251a70a9748fc4cc2cd0b1b748f396a0fec69d3cebfecf91e47fdbd2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 173
Last-Modified: Wed, 09 Nov 2011 00:50:23 GMT
ETag: "80f1ef8f799ecc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:33 GMT
Accept-Ranges: bytes
Content-Length: 9583
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g206-left.png
emarketing.activenetwork.com/res/button/images/ 5 KB
0 529ms
296ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g206-left.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

01f5a97da992d4edb953be33bbfe3dcce7b308f30afcad1b55ef41a6c58cc859

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 177
Last-Modified: Thu, 10 Nov 2011 21:20:23 GMT
ETag: "805948eee9fcc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:32 GMT
Accept-Ranges: bytes
Content-Length: 5566
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btn-g206-right.png
emarketing.activenetwork.com/res/button/images/ 13 KB
0 424ms
160ms Image
image/png 74.120.127.135
ACTIVE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://emarketing.activenetwork.com/res/button/images/btn-g206-right.png

Requested by

Host: emarketing.activenetwork.com
URL: https://emarketing.activenetwork.com/res/button/css/button-v4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.120.127.135 , United States, ASN53804 (ACTIVE-ASN1, US),

Reverse DNS

Software

Resource Hash

eb85fc494884c19e75ea6b43383d36bef5b0dca2e090a2ec39363842dfbdf692

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

Content-Security-Policy: frame-ancestors 'self';
X-Content-Type-Options: nosniff
server-id: 174
Last-Modified: Thu, 10 Nov 2011 21:20:23 GMT
ETag: "805948eee9fcc1:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Date: Sat, 28 Aug 2021 07:39:33 GMT
Accept-Ranges: bytes
Content-Length: 13370
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK allpointlilypointtridentcampdemigod_2_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 286 KB
286 KB 161ms
161ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/allpointlilypointtridentcampdemigod_2_orig.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 11886462720bcbc91bc3fb4c7f12c2796187995c0c5fc8d7011e307ddf39b2da

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:35 GMT
X-Storage-Object: 11886462720bcbc91bc3fb4c7f12c2796187995c0c5fc8d7011e307ddf39b2da
Last-Modified: Sat, 02 Nov 2019 05:35:13 GMT
Server: nginx
x-amz-request-id: tx0000000000000012b83ce-006127ff4e-a51a2d8-sfo1
ETag: "a4e3146d3d21a4a492eca9577a1f4284"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu27.sf2p.intern.weebly.net
X-Storage-Bucket: z1188
Accept-Ranges: bytes
Content-Length: 292617

GET
H/1.1 200
OK 20170627-173309_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 257 KB
257 KB 168ms
167ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/20170627-173309_orig.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: 867e53f3f105a7b3366398802c7901bf38ff07345f426d612e2698c5d7f88745

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:39 GMT
X-Storage-Object: 867e53f3f105a7b3366398802c7901bf38ff07345f426d612e2698c5d7f88745
Last-Modified: Sun, 02 Dec 2018 10:52:50 GMT
Server: nginx
x-amz-request-id: tx00000000000018e91c0bd-0061243da4-15b3dc2-las
ETag: "50f71fea929dfd1ff0b54f576b36ee12"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu8.sf2p.intern.weebly.net
X-Storage-Bucket: z867e
Accept-Ranges: bytes
Content-Length: 262954

POST
H/1.1 200
OK fc756e520c Show response
bam.nr-data.net/events/1/ Frame D4B8 24 B
187 B 106ms
105ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/fc756e520c?a=1634564&v=1210.e2a3f80&to=IAtWRRNbWwhTExpFXQcDXUUSG0QHXgRRR1gGO09YFVxoFF4OQV0%3D&rst=11154&ck=1&ref=https://www.activityhero.com/widgets/schedule_with_photo
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.activityhero.com/widgets/schedule_with_photo?locations=125432&show_photos=true&aht_cam=new-schedule-widget&aht_src=74141&widget_id=4296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.activityhero.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H/1.1 200
OK fc756e520c Show response
bam.nr-data.net/events/1/ Frame A33B 24 B
187 B 106ms
105ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/fc756e520c?a=1634564&v=1210.e2a3f80&to=IAtWRRNbWwhTExpFXQcDXUUSG0UBQAhQRQ%3D%3D&rst=11322&ck=1&ref=https://www.activityhero.com/widgets/review/74141
Requested by: Host: www.activityhero.com
URL: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.activityhero.com/widgets/review/74141?aht_cam=review-widget&aht_src=74141&widget_id=4002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.activityhero.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H/1.1 200
OK areswomanstrong_orig.jpg
www.harrypottercamps.org/uploads/7/2/0/3/72038099/ 171 KB
172 KB 169ms
169ms Image
image/jpeg 199.34.228.75
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harrypottercamps.org/uploads/7/2/0/3/72038099/areswomanstrong_orig.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.75 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-27.weebly.com
Software: nginx /
Resource Hash: c8fffeb78debaa2b0202d0db1c1c7041779dda76fe55d5e24a1b53234217466d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.harrypottercamps.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.harrypottercamps.org/
Connection: keep-alive
Referer: https://www.harrypottercamps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:39:43 GMT
X-Storage-Object: c8fffeb78debaa2b0202d0db1c1c7041779dda76fe55d5e24a1b53234217466d
Last-Modified: Sun, 02 Dec 2018 10:53:07 GMT
Server: nginx
x-amz-request-id: tx00000000000013710156c-0061246eb3-177c75c-las
ETag: "0b1c87aa0d67bafcbc2b8a5b1edc59bb"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: grn43.sf2p.intern.weebly.net
X-Storage-Bucket: zc8ff
Accept-Ranges: bytes
Content-Length: 175456

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: http://localhost/CampTree/assets/cdn.js

Domain: localhost
URL: http://localhost/CampTree/assets/cdn.js

Domain: localhost
URL: http://localhost/CampTree/assets/cdn.js

Domain: localhost
URL: http://localhost/CampTree/assets/cdn.js

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://track.freecallinc.com/freecall_trackdiv1.js?company_id=90112&site_id=86487&js_enabled=1&phpsessid_js=1630136370389c8g94kr6e18nhr7yxx2&is_first_js=1&psid=1630136370389c8g94kr6e18nhr7yxx2\|1\|\|\|\|\|\|\|&http_referer_js=&title=DIGIVATIONS%20CAMP%20DEMIGOD%20INSTITUTE%20-%20OVERNIGHT%20CAMP%20HALF-BLOOD!%20HARRY%20POTTER%20CAMPS!&uid=&uml=&unm=&cnm=&wixpageTitle=&wixurl=&wixreferer=&enc=UTF-8&plng=en&globid=82451630136370&timestamp=1630136370390(Line 1) Message: -90112--0-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.nr-data.net
cdn-promote.weebly.com
cdn.heapanalytics.com
cdn2.editmysite.com
connect.facebook.net
ec.editmysite.com
emarketing.activenetwork.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
harrypottercamps.org
heapanalytics.com
images.activityhero.com
js-agent.newrelic.com
localhost
promote.weebly.com
s7.addthis.com
script.hotjar.com
ssl.google-analytics.com
static.activityhero.com
static.hotjar.com
track.freecallinc.com
v1.addthisedge.com
vars.hotjar.com
www.activityhero.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.harrypottercamps.org
www.instagram.com
www.weebly.com
z.moatads.com
localhost
104.75.88.126
13.224.96.118
13.224.96.124
13.224.96.55
13.224.96.67
142.250.185.194
151.101.13.27
162.247.242.20
199.34.228.75
2.18.235.40
2606:4700:20::681a:9db
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:1e6:face:b00c:0:4420
2a04:4e42:3::302
44.237.245.63
52.201.89.61
52.43.249.183
74.115.50.106
74.115.50.109
74.120.127.135
00bd643d7b1cd928b72aa4b6d69df8d5838a8f07e26294fda69ab365fa454c3f
01f5a97da992d4edb953be33bbfe3dcce7b308f30afcad1b55ef41a6c58cc859
03546a37d2a0717f56121329cc62928adfe5e28d2054f380bf6265febbf1dd42
0371859ed106cbba1150504cf6975364fd18a1c290a0de3442901e45b2664fae
03fabde8142ce95ceaf2d97bd4300363a867b25b9e80ec1e3fa3bda83b621b98
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
054411e5423615254088341e90d1c49c68e19e016690034b95437499ea18ba87
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
0768b8499fc3a1c510ffb342ac26b266a8b2a922c30a086adc67cde26de02dc9
0a84d0ed0540e5ea6d7532dcd0f6e46ca8c8e1a2e661ecb4c387878fe663f838
0c39401de18899e21b9aed0de8b91ce103ba2c4f667d1fda132a00cfac47bdc3
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
102f7062584b92bdd7dfae9bccc4c36baf36d3eed4fcbe0579f86d2964b6d932
104129370438ceb2eb38a889a4f31ae506e9abae18a6a6e473822e64560f9e6c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11886462720bcbc91bc3fb4c7f12c2796187995c0c5fc8d7011e307ddf39b2da
11fe437727e189fee27249755564ba1c4da6edf3b96c249f0b71b86e184e5727
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970
16f6155aa52da29a37a34de21c4aa451efe695a069769c29824ccf191ac6a639
1e424043529b056c86e62f63a83efb01d9e44eb5428ac5e718e10fce83474ee8
221d22fbaf8d8fe3ce074f7bf50102a668768202dd309658ecec7ab9891c865e
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22cbc9b0d4be5feed5f7c1f64cd75a7021b02811a58b1b6b25609c11053e6012
2470ddbc8a8e00b2e8df9721c68b22a09a273ae2cc242fef08fe182ddfa65f23
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b2c8824698404d2833d5623b7aeebdbf6eb6526198abdacd41cc8ddaeea436f
2b7124996688777d179d79e6d7ec45edd9a060b641f28609360f77ab8831be62
2daee089e8124d74a13571e4c9e5245c1aad6280ee04f24ce2a7adb282299552
2e9f3c31f983b0a4bb17c50821f79adcac137d64c6b096ce95c222263751572e
2ed4b43e4c9ea109492d70d2eb431564a33018c1e4ae2b43058b7d9914729aff
331ba31d794079907836efac39129c95b59ae3ec43f893b2d148b2bcef5f1f43
37dd398463ba8e0e0f39165ca66da6e995a6c837bdec07a1411c57d0cb36ee76
37f5bf015ade9651005d72bcfdbb48838014c1c357f848585df731bc7eaff120
3ec357056b56ba26a46017e4a7acb990824ed8c1b788daa9279785b30535ae6c
42ba3cd1ed14b4add53475a24aea9f5c2b7b04a189d185ef7dc3c059cba9e8eb
4cff118dc612c1c109e031198a493dab0dfb2a1c10c9291270ddf9d7f457fc48
52d34439251a70a9748fc4cc2cd0b1b748f396a0fec69d3cebfecf91e47fdbd2
52fb48940cfe124b9f5c88842435b64e9fa157a985709f2a46ffae1d5f9f3578
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
58201b565093ccab0b1e11415734b4b42f3ffafceb8b4a44e7668e3f358ab1c0
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5cc7ba6051f81a0eb6d15b1135d1603e813d45b7b360bd4a0f65e81809997e93
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
616bb2efce280c7cc242a04ddae86a1ece85d619b9556f795c152bcd4eab464e
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63a5a5a019fbb4f189fd914c0c1f85efcc17d45430fb28f1b88278185abdee99
63ee1d46fe010bf9aeb102f3d4086b795b34342fa6955db77ddd15fd6c1d4892
642d97daf5734304f14a112f401f96397bdd3ff2a828903bc251135ff18e83bc
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
64c766443a2a39e78f6ac184a19545d6b7bbee0b0ebd0c3471b51cbfad5fffd0
6973bf1a0b5aa783ef1507f5d77a2e4498a0f588f28becbe67f11571e9790f7d
6ad3c3bd978c66146c2e999db5973de76af01eefe11698f83ea8a4d5f576883f
6d4fd4d398c720bb009dc83e9433e13487532f182569533cf7e222cecfe5f176
6eaede743563af7757c5b202fa1e408edb40fe351e10135833307a9b779279e0
6ecee81944a8f190b62e2fe70d7c46d53cad962a405e3a6aaece2694bf57772d
7034bddf3d69243d90215b69b70ba9272ae4f8f6ae8fafc9a793f6f395c0c8c9
7041121c9e9bb32b2f3bf9add78cacbef874710acf4d753e624787bbde69283b
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
78a73044f86426e071d3aecdc73b2feeb5e787de6aca2850f3b5ef9e438931e4
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7a7909f7ca25f80e35bf4843508a695c621107fe2cab57c69ea4c5878ae26e2e
7b44f1bf6e308efb23c9b79ee8472309161131ced8174eae0d140d43effe56e8
7b923d422b294f8631495a0616f703ecb22fd25a974c2e1d57d5a9a2ae089f91
7d0510d4ca7d7a21836fa8d835b738f49a5f8de52127a6e667ecb58d86553c2f
81b6b686799b22f7e098c173dd1d2c4e634cb763e3f7d4dac06e809fff31ed45
82b916388ce33d61e0bb3000fe2911bed0c3cf75e09cb31441b6e61816d45159
839ee8c8de84c4c8cb934ce4c023568094302fe556183ab5e7ef8fb723e27a55
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
867e53f3f105a7b3366398802c7901bf38ff07345f426d612e2698c5d7f88745
8af8a42d65a6c3aa55832e487cf8b71c220607c0d3820976f327cd49bdacd8e2
8b54f818e5bece1a324c15c4a3139c1db5fe4b1a76427341324feeefe1a893d0
8ce5ea21759f6438096fe0508507ef203dd3d5125b1528c1b635310fef9dab9c
8d2c5346a2a506632e72ab05405660dda3c5ada08987955796776109ef7040ce
8e1b6abd77444a684c4dbe1b6b57496dbab71f4ed2a8adb9b3522c9c7a028bac
8e4193bfd80a6be58d377880f2c2605216fe9c696e19c17f0672af4e6e9ef4b9
9219a758dd50706694f0493cd407f2cbeca35717599c1bd9641c3d57855dd1ef
95464d87c9da927b6b130cd8ba56d9701d265fc04753d42caccbd56921c40441
9aa24e9737d9716c94f4459166d798310d5b526b478c30fc3e302793c26adbeb
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a7174ecb763aa8f894af53733c6f30c7ee0018e2389b98e9e05e7b9c6f314c4e
a9304eccdc03e3bded20f8e374a90533258d2ce9912f284a5f78f18c182a0e21
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad715e74a761040299f114bc3cbb0614529b2a3ce339ad6ea9b738ff140657b5
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
af35f1bbd141077bbf9bea22bad9c6cb7e6045d51d6dd3978dd3be982d996207
b1ce93a63801da0846bdc473593648759c87c07fae62f6202272d268fea51937
b29d155be41bba9027d045e9961d4b240f03dda60ec22fc148d046032221c903
b548f7d3463d55fb324b29d193d98a69dbbeef7348835c01916510410a8abe52
b5b175f66cab48e5fc60805a6722c5eecba48428312ae0dcf6dfb211e282d14f
b78fdb96dc9fcbb2f82ed722043d6c8d28819213cd9795889105da9a81de46a2
ba97504b136b447bea2ecc59111ba5a63200d2662f92936d0f7c206492b989d8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce341a55510e554bebd1cd2eec960da76a15addd8ef1df29e983ad0aaeb7405
c2e001669970d601d4835120e942a8424f03cebeee4d3b1d65b92c573874ed26
c4f595f154c135e6631df3e3a986a1fdebda177a47a91cbb9e645d37a0e03311
c6ad3e5b5770c62edec9808501236e662e8e04ce21fd47d1272ceaaacfbbac94
c71fa8e41b45fca8971007afe3707c12131b050c733de806d78431e3c08cde4a
c8fffeb78debaa2b0202d0db1c1c7041779dda76fe55d5e24a1b53234217466d
c9defa51976e3ae85c45b8167e1f46678b14c7d8c54bdda2652d01d0569906a8
ccc021b61a30d53390315ccda8f48dd02576a245b90a9ab8ef0941579d15ed15
cdce5c237cc190649b8430cddfd414440a3f4b72081a6786062f804e659565dd
ce59d99ac94cd5077c2a58f730caf8f7b89d1cc0cea84daa738d884ac941c042
cecd639ba0bcb25de62b13144e1d2d61d08828df31b9f7184f7bccdc47aecd15
d09f6c5de2882d03bbd78547810289ae6a28e8dc005547e21f74af5766946814
d1c1681cf607c7105a3e66a550753566545a8b7936464eba3479ac83219e242d
d2805ebf2d69532e03ca433d9ae3a02469c4102ecafda0968c42be806169c830
db0202a95505c62c7f2fb6ab1589994d5d3be3616aec971169356da3abe8d01b
db2c96b0920524df970bf06df544cdc2d7862869b559634bc97e6822f2f8c5e9
dd407f8b3e53b5bce97869f6d77dc20d8787dbe5206ebe1b79b02c26b7cac630
ddc2f6a2bb705e6be21afb36c3f983d9e216a6e34d4e7c0dc7a0c05a7dc9e730
e098ea42bde38a242959e0e4751bdbfd1b238ae4188cee3dff4b7475aba84f04
e1fc6b6ed76b920de3c74bf0905d090d2e5a54c0687d06a5d4042641af0ae78c
e475bcc15da53b21ab3202ce0b25000c99ef4186a1d86e8ba258ab2cde3fb4ae
e53eea8c5f3d2763acedd65d0680d12f51c389ed1e61afb2f47c34477e6a996c
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
e9b02d8443bc1fdeb02c616dcbf54c5f85d2dc4943cf8133cfc750c950f05d5b
eb1f52007251aecad20fbb2152f9818653a595882dc03ac8830d02502cb19ac7
eb85fc494884c19e75ea6b43383d36bef5b0dca2e090a2ec39363842dfbdf692
edaed42c4eb8f11559b0b67dba981db2f4d0b655bcf0f00aa1a4ac022f5500ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdedfd2b2a291e7c90fbcdab29c6cfc3473d2d384baaeaee4f0b741f41acfd
eff4490e2a71f2fec96aec2e1b98f5b579351b921cb14a7aa9c11bca18ffaac5
f0bc8c3b2f60f746aa104f2466a125f67f89272d674eaeae6d3427eace06c993
f3edf3f0d746236ba0b639f0131d5a0a796228e009b451a995fd742100721c37
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f9f4ddf7a8871e51c3df13d1e4f127fb577915f1c7475d54a0440bf6384120c5
fac9eb638da2f8a40f73d0d78b0be6133e0565ef43bbb1fee0a5b9c83f11956d
fccadc27e3d9c281e8a1f1fc5cc5d20de53416346b9b176a9a58381449206e8f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.harrypottercamps.org Open in urlscan Pro 199.34.228.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

195 Requests

98 %HTTPS

54 %IPv6

25 Domains

36 Subdomains

36 IPs

2 Countries

8103 kBTransfer

52869 kBSize

0 Cookies

25 Outgoing links

Page URL History

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.harrypottercamps.org Open in urlscan Pro
199.34.228.75 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

98 %
HTTPS

54 %
IPv6

25
Domains

36
Subdomains

36
IPs

2
Countries

8103 kB
Transfer

52869 kB
Size

0
Cookies

195 HTTP transactions
0 data transactions