Submitted URL: https://content.sixflags.com/clicker/click.aspx?link=http:/%F0%9D%90%A4%F0%9D%90%A5%F0%9D%90%9F%F0%9D%90%A4%F0%9D%90%A5%F0%9D...
Effective URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Submission: On February 11 via manual from GB — Scanned from GB

Summary

This website contacted 5 IPs in 5 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is heydayplaster.com.
TLS certificate: Issued by GTS CA 1P5 on December 24th 2022. Valid for: 3 months.
This is the only time heydayplaster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.17.137.249 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 195.133.83.182 398343 (BAXET-GROUP)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
19 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
26 5
Apex Domain | Subdomains | Transfer
18 heydayplaster.com | heydayplaster.com | 592 KB
5 trk-epicurei.com | trk-epicurei.com (Cisco Umbrella Rank: 193119); event.trk-epicurei.com (Cisco Umbrella Rank: 246756) | 3 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 694) | 34 KB
1 deviationline.com | deviationline.com | 697 B
1 numericline.com | numericline.com | 439 B
1 googleapis.com | klfklzelfol.storage.googleapis.com | 809 B
1 sixflags.com | content.sixflags.com (Cisco Umbrella Rank: 718338) | 998 B
26 7
Domain | Requested by
18 heydayplaster.com | numericline.com, heydayplaster.com
4 event.trk-epicurei.com | trk-epicurei.com
1 trk-epicurei.com | heydayplaster.com
1 code.jquery.com | heydayplaster.com
1 deviationline.com | 1 redirects
1 numericline.com | klfklzelfol.storage.googleapis.com
1 klfklzelfol.storage.googleapis.com |
1 content.sixflags.com | 1 redirects
26 8

This site contains no links.

Subject | Issuer | Validity | Valid
numericline.com | R3 | 2023-01-08 - 2023-04-08 | 3 months
*.heydayplaster.com | GTS CA 1P5 | 2022-12-24 - 2023-03-24 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-07 - 2024-02-06 | a year

This page contains 1 frame:

Primary Page: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Frame ID: 78349E42E0D518A52E4AC29009A7A9FE
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 71 %
Domains: 7
Subdomains: 8
IPs: 5
Countries: 5
Transfer: 630 kB
Size: 786 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://content.sixflags.com/clicker/click.aspx?link=http:/%F0%9D%90%A4%F0%9D%90%A5%F0%9D%90%9F%F0%9D%90%A4%F0%9D%90%A5%F0%9D%90%B3%F0%9D%90%9E%F0%9D%90%A5%F0%9D%90%9F%F0%9D%90%A8%F0%9D%90%A5.%F0%9D%90%AC%F0%9D%90%AD%F0%9D%90%A8%F0%9D%90%AB%F0%9D%90%9A%F0%9D%90%A0%F0%9D%90%9E.%F0%9D%90%A0%F0%9D%90%A8%F0%9D%90%A8%F0%9D%90%A0%F0%9D%90%A5%F0%9D%90%9E%F0%9D%90%9A%F0%9D%90%A9%F0%9D%90%A2%F0%9D%90%AC.%F0%9D%90%9C%F0%9D%90%A8%F0%9D%90%A6:000000000080/././././././gqojjopfzopopezfoofz.html HTTP 302
    http://klfklzelfol.storage.googleapis.com/gqojjopfzopopezfoofz.html?utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_custom[NewsContentID]=0&utm_custom[IssueID]=0 Page URL
  2. https://numericline.com/1781/0/0/be9a8fb1672b666d58c3920056012c46/10/02/2023------BB Page URL
  3. https://deviationline.com/?s1=350324&s2=920527474&s3=2546&s10=1138&s4=1781&s5=10 HTTP 302
    https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://content.sixflags.com/clicker/click.aspx?link=http:/%F0%9D%90%A4%F0%9D%90%A5%F0%9D%90%9F%F0%9D%90%A4%F0%9D%90%A5%F0%9D%90%B3%F0%9D%90%9E%F0%9D%90%A5%F0%9D%90%9F%F0%9D%90%A8%F0%9D%90%A5.%F0%9D%90%AC%F0%9D%90%AD%F0%9D%90%A8%F0%9D%90%AB%F0%9D%90%9A%F0%9D%90%A0%F0%9D%90%9E.%F0%9D%90%A0%F0%9D%90%A8%F0%9D%90%A8%F0%9D%90%A0%F0%9D%90%A5%F0%9D%90%9E%F0%9D%90%9A%F0%9D%90%A9%F0%9D%90%A2%F0%9D%90%AC.%F0%9D%90%9C%F0%9D%90%A8%F0%9D%90%A6:000000000080/././././././gqojjopfzopopezfoofz.html HTTP 302
  • http://klfklzelfol.storage.googleapis.com/gqojjopfzopopezfoofz.html?utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_custom[NewsContentID]=0&utm_custom[IssueID]=0

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gqojjopfzopopezfoofz.html
klfklzelfol.storage.googleapis.com/
Redirect Chain
  • https://content.sixflags.com/clicker/click.aspx?link=http:/%F0%9D%90%A4%F0%9D%90%A5%F0%9D%90%9F%F0%9D%90%A4%F0%9D%90%A5%F0%9D%90%B3%F0%9D%90%9E%F0%9D%90%A5%F0%9D%90%9F%F0%9D%90%A8%F0%9D%90%A5.%F0%9...
  • http://klfklzelfol.storage.googleapis.com/gqojjopfzopopezfoofz.html?utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_custom[NewsContentID]=0&utm_custom[IssueID]=0
129 B
809 B
Document
General
Full URL
http://klfklzelfol.storage.googleapis.com/gqojjopfzopopezfoofz.html?utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_custom[NewsContentID]=0&utm_custom[IssueID]=0
Protocol
HTTP/1.1
Server
2a00:1450:400d:80e::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=3600
Content-Length
129
Content-Type
text/html
Date
Sat, 11 Feb 2023 10:30:06 GMT
ETag
"c905833c7d777c6186cef4ab3b1667ae"
Expires
Sat, 11 Feb 2023 11:30:06 GMT
Last-Modified
Fri, 10 Feb 2023 11:38:46 GMT
Server
UploadServer
X-GUploader-UploadID
ADPycdsG_6KrFf0UEIfxfgGoUFokYU-q1eXaczel4ebEcSJ6RWgnwEwIB6cxwiV0wDkeez5Yn4OfQ3fI-8XW-nOOhMTr40e9CBlg
x-goog-generation
1676029126085407
x-goog-hash
crc32c=vf8UYg== md5=yQWDPH13fGGGzvSrOxZnrg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
129

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
797c6841dd0b0752-MAN
content-type
text/html; charset=utf-8
date
Sat, 11 Feb 2023 10:30:06 GMT
location
http:/%f0%9d%90%a4%f0%9d%90%a5%f0%9d%90%9f%f0%9d%90%a4%f0%9d%90%a5%f0%9d%90%b3%f0%9d%90%9e%f0%9d%90%a5%f0%9d%90%9f%f0%9d%90%a8%f0%9d%90%a5.%f0%9d%90%ac%f0%9d%90%ad%f0%9d%90%a8%f0%9d%90%ab%f0%9d%90%9a%f0%9d%90%a0%f0%9d%90%9e.%f0%9d%90%a0%f0%9d%90%a8%f0%9d%90%a8%f0%9d%90%a0%f0%9d%90%a5%f0%9d%90%9e%f0%9d%90%9a%f0%9d%90%a9%f0%9d%90%a2%f0%9d%90%ac.%f0%9d%90%9c%f0%9d%90%a8%f0%9d%90%a6:000000000080/././././././gqojjopfzopopezfoofz.html?utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_custom[NewsContentID]=0&utm_custom[IssueID]=0
p3p
policyref='/w3c/p3p.xml', CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge,chrome=1
2023------BB
numericline.com/1781/0/0/be9a8fb1672b666d58c3920056012c46/10/02/
143 B
439 B
Document
General
Full URL
https://numericline.com/1781/0/0/be9a8fb1672b666d58c3920056012c46/10/02/2023------BB
Requested by
Host: klfklzelfol.storage.googleapis.com
URL: http://klfklzelfol.storage.googleapis.com/gqojjopfzopopezfoofz.html?utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_custom[NewsContentID]=0&utm_custom[IssueID]=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.133.83.182 , Czech Republic, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://klfklzelfol.storage.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
143
content-type
text/html; charset=UTF-8
date
Sat, 11 Feb 2023 10:30:07 GMT
server
Apache
Primary Request a5c6d3f6267eda3ee0f8fa5b9949adad
heydayplaster.com/
Redirect Chain
  • https://deviationline.com/?s1=350324&s2=920527474&s3=2546&s10=1138&s4=1781&s5=10
  • https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
66 KB
13 KB
Document
General
Full URL
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Requested by
Host: numericline.com
URL: https://numericline.com/1781/0/0/be9a8fb1672b666d58c3920056012c46/10/02/2023------BB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a033f0ebce4607f23cb545f44bc0d9587ac4ceb46bfabfb04a01fb63bbdde3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://numericline.com/1781/0/0/be9a8fb1672b666d58c3920056012c46/10/02/2023------BB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
797c6851486b72eb-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 11 Feb 2023 10:30:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVj5B20QJznFgNr5Y11lu79Wyjqh0VsEDxInNF6voKi4ZZN7Vjt%2B%2FL4rZijlrdKiPOkVrzBXz6h0gsx5UvyrttrzJWMNFkth78Ssm7m5zR2%2B4FsgZkvjuzlfMqOqo%2Bt548SdGEVg4k5Y6%2BHUK0JATw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
797c684c68b174cd-LHR
content-type
text/html; charset=UTF-8
date
Sat, 11 Feb 2023 10:30:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBgfiruNNXA6uYeCbryfRRUJoChY4eMSC0nZKl4gtsLjWbnDA45YUxepD%2FyPDTmWKxXix2eOQr2Np%2FVADfoRsvhyVhtXp0vvdhdYv1pcyz0DciC3fdHAq0WYCnQK7FShwvJyLbhUQPDy47njCRv0Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
msg.js
heydayplaster.com/inc/
942 B
776 B
Script
General
Full URL
https://heydayplaster.com/inc/msg.js
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 12:25:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRMJXib4ApGhERmqQp4VmmkQuTut3T39yrOr8xuyzpY9WP%2FUAnnwOHN%2BjlskBjBw5CVQPZBetGxFZfiNlMQ2aX1aXDpQ7KIEm7KizOspjvhSGMEdjkR2sIQYbeZG1%2F7tg386E7PxzoD%2FyIWHYpd75w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
797c68551c4372eb-LHR
expires
Fri, 17 Feb 2023 11:44:43 GMT
9fb9b84f61ee98690ad9e2b7bb0b250a.png
heydayplaster.com/fim/1138/
5 KB
5 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/9fb9b84f61ee98690ad9e2b7bb0b250a.png
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e361f2ca65ed3595ad06c921afa3e61bf2c941b24dfe6937cdbb13321a8e20c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4938
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5191
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulcTxnBymvnSeRside18OjPSmKTHOaV3YYmBNXAO4kJM9mgEuIKzQhlP94TvxKpi2zlGJJcsCDlQTfQGV%2B63cb347kAA%2F867RASvI%2FX0hqnZXKX8jhxJVqslP0gMxc9wSsfEjBHcuBsRvVgrdmIe0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68551c4572eb-LHR
expires
Sat, 18 Feb 2023 09:07:51 GMT
f0fb0fc4edbb5c99d77265c59223fc95.png
heydayplaster.com/fim/1138/
2 KB
2 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/f0fb0fc4edbb5c99d77265c59223fc95.png
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78544e8ff1e531f921b487e67fb29d0a86d85a77aa9d3419b453146a340b7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4938
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1771
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54Z2IBbcLF1cpMUzwIytMD%2FmykebOj3veVlmayI2iZde7GI4vslrJIKNjmFzQWaaxFJxIKxNtbJ09uECEt5pGTN3bus27QahR2EGFpLEEv0p7LKJYyAwdywo1ItEcaWoTpN82s%2F9Wv%2F5W79gnymC3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68556ca272eb-LHR
expires
Sat, 18 Feb 2023 09:07:51 GMT
dc93b76418868e9c1a7ac362ace37232.png
heydayplaster.com/fim/1138/
110 KB
110 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/dc93b76418868e9c1a7ac362ace37232.png
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b70f59936d0dcd908fc0ad01051fee3ba007f5ded94489b5fde93c1649c88c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4938
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112633
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVCrcbwJiDFgX98fUDnr1tmpTcIWs9iThINmup8JkZ2yzyxFHibe5TTzfTTLHSDJ%2F0Ds4i5WT0ehJlFQ5NlLjw8n8Se5h%2F5bPfYwFio4P31iDsF0tUN7mgyiipeqZk0E%2BucfVj0kgB%2FuZ7t0vn5VRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68556ca372eb-LHR
expires
Sat, 18 Feb 2023 09:07:51 GMT
ee1f1ae275728a9b3ed69fb9e71557d2.png
heydayplaster.com/fim/1138/
2 KB
2 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/ee1f1ae275728a9b3ed69fb9e71557d2.png
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1216acea3bd6a3146e94270b0857bd97dc67fa05ed8922a92b8ee6f03704d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4938
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1903
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CbZ%2FLnghB%2FuQJOMJhRTf3nu2Mc7gMeYHhSVv2S9qRfxRb8snR8eO7nrsTbYAlmgYGfDgvNE3OM2YPYghISrrgvDAYeyFPA6JD1ynjSI5ACYWX4PajpBNoZL5lJ70qHnt2bK6BX86MESQlsvitCnrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68556ca472eb-LHR
expires
Sat, 18 Feb 2023 09:07:51 GMT
17df418dd072d8c65164ce2a216ac48e.png
heydayplaster.com/fim/1138/
1 KB
2 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/17df418dd072d8c65164ce2a216ac48e.png
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662edca6a1dd7f2c68d994b2b1f80b6f93df4b94f2cd14fe5174a7a94c550a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1395
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQKpCrQMqMAu5iy%2Bv5KAeV%2FS1LI1n8jp0KGKEZ54Dfe5jdrLKbV9xwpi05XT88z4mDg4w1BN0FGOEnTnjQ4jTLkmv2vF0SUtm7bh06m183Psi9PIKfAM2PqfYenJD7RQdATUhQD9lj%2FWcN8%2FQi2Kaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68556ca672eb-LHR
expires
Sat, 18 Feb 2023 09:07:51 GMT
lander.css
heydayplaster.com/templates/assets/
9 KB
2 KB
Stylesheet
General
Full URL
https://heydayplaster.com/templates/assets/lander.css
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4510bab255981b0603809be87ea6c1265506449ca79c4039b148592ae254a3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jan 2022 16:27:01 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ssMKGTLkjLbGFKGe6sEjzno6U9Z0gylc5oUl2T1wbYsjaEBF2lhlzY9nIGMQjg2hSeb8Ca9Hl3oMDiTfXh7sxcETx6iGrfXOZZu4a5mgTs5LI0VJ5oxoi18kwKNvF4cuFt41EYmGTNgt586v4G4yA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
797c68556c9672eb-LHR
expires
Fri, 17 Feb 2023 11:44:44 GMT
jquery.lightbox.css
heydayplaster.com/templates/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://heydayplaster.com/templates/assets/jquery.lightbox.css
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d25030cad5e23aa280c9a65fb19e973700ca57b5cb728d9b036d2207cb42057b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 22 Dec 2021 15:42:57 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZR6xAV%2B%2BRGlWU2MrtLTkuu7MvYNZU1bFVMbMXyr6RXhdeO02XHo%2FQtz7YnTgIkO1HGes%2F6wHevm0QTcRPiqYzycyOdnNXVbOsh3MGEGvlaqsUATMiT0jwK9FewHkaijRdRif4rrY%2Fdf8ls90eMO24Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
797c68556c9972eb-LHR
expires
Fri, 17 Feb 2023 11:44:44 GMT
email-decode.min.js
heydayplaster.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://heydayplaster.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Feb 2023 12:46:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e4eb3a-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow9E6pwQDJ195UJkcBeU8W%2B%2BO87cOVdPYUgJqxYhgT8eEZ4GAYEmYxQ4rvUkmmkhDfcZh2tQbv8G7ITyHs3LJykUWcvQUiGP9qIoYI1WFomotEgo6HQssVk3BdIkvELig1jAPbdqLMBHL1lWGL2r0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
797c68556c9f72eb-LHR
expires
Mon, 13 Feb 2023 10:30:09 GMT
jquery-1.12.0.min.js
code.jquery.com/
95 KB
34 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMH4nZ8GEowBCiQxNTZiZDY2NS0xZTc5LTQ1YzEtYmEzOC1mNWNhNjQ4NjNhMjcQqKenrJKE/QIaBgix3J2fBiIRMjAwMTphYzg6MjE6ZTo6MTIogMsDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ5MzVjOTJlOC1iNGU0LTRiMmQtOWU3YS04NjE1YWM4Yzg2MTQYnIgCIhgIAhIUY2RzMjI3LmxvNC5od2Nkbi5uZXQ=.4bPN+XAB9h+HFsGbwSfP1auXhP9AatgYyWE6uJbjges=
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-17c52"
vary
Accept-Encoding
x-hw
1676111409.dop234.lo4.t,1676111409.cds307.lo4.hn,1676111409.cds227.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33820
jquery.lightbox.js
heydayplaster.com/templates/assets/
48 KB
14 KB
Script
General
Full URL
https://heydayplaster.com/templates/assets/jquery.lightbox.js
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Dec 2021 21:49:45 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJlA0PhKChsEBphC3fvs22ogjizy2Sr%2FO%2FSHDHQQ58aC9qHpjLSwThWP6yeXxAugu%2BoybRt2FEZPQGIncvuZYy6bkler04GH1luIhIPyzJ%2BKt5c5rvPINdSZQUkSZ4bTbScclXgd5kzeDHnozMCWRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
797c68556ca072eb-LHR
expires
Fri, 17 Feb 2023 11:44:44 GMT
main.js
heydayplaster.com/templates/assets/
66 B
518 B
Script
General
Full URL
https://heydayplaster.com/templates/assets/main.js
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b682f0ba621d4699d5d8710faf70073fd2db145bea324ea30c89395e3f752757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 17 Nov 2022 17:15:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvlxiNHrMGcOqqp8uVTCAvq5o5sFB2Tmnm9aliimE8qJvlm369jkKOjXpFycE0bvWFfEmmBtdpweqzvVC9nERrRVunxn7ELdqjRU2XwX%2BrOvHtYcGtTqse3kHHuip9%2FqB6dM51Iw27Bpqqc7uauppQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
797c68556ca172eb-LHR
expires
Fri, 17 Feb 2023 11:44:44 GMT
v9e118mez8
trk-epicurei.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-epicurei.com/scripts/push/v9e118mez8
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3711
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 11 Feb 2023 09:28:18 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVvzbbOUt6wtd6Zdi82RMo%2F0OMfw%2FoM4bPKhdC9ZFyoB1ydV2yb3w0VeOUado8w%2FkJaenTAbL6MdveH205i08BIaNlfd%2B51VGDUfWZE6e6%2Fs249XHbi0MekgTgLHLFv9CNGr%2F6r1kAJoOAGSVxXD"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
797c6855ffe5dcd3-LHR
expires
0
7559ae90510b711e739decae36214ce6.jpg
heydayplaster.com/fim/1138/
2 KB
3 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/7559ae90510b711e739decae36214ce6.jpg
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fd375cb3ecb3e1930a53542fc4c1253d18b77d1f97d784a6d8ecf735d500c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2535
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktX7XdiG%2BgmiSzST94g8q6Nu7NbpQd7zhhk5XgyVMt4vIF1WQf8Z86AIZ75UVlxKnQWvMYHJSLFag5u1%2BD1VZ84euu8dfAS5uk%2BaGNXe3Ttv5YSnT3Yx2v3kW9SkprycTWJH8SvqoiVRQDlBKhmp%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68556ca772eb-LHR
expires
Sat, 18 Feb 2023 09:07:52 GMT
b8ba78503865e17e6b07e01ad5ba2a00.jpg
heydayplaster.com/fim/1138/
225 KB
225 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/b8ba78503865e17e6b07e01ad5ba2a00.jpg
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fb645aee8606db59c84e228115420b8a7fb7d6b44bdd34963609145eaceb71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
229996
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mO5ep4fHR%2FEtJ3PfTyJCWxIksMSzelhBa89asyAZ1snp2d3KTA%2FbimPpBcGnECNd%2BLOseS3yyACZiJfL0xItbKR3V3Epf4kQNtu8Dcq7xXMAzCmLAc0zkyc7v0I%2Flful%2FoQ%2BxsDukTtwmYHvTeQhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68559cd572eb-LHR
expires
Sat, 18 Feb 2023 10:15:57 GMT
e4823d94ae09c8e542435a787ff0f064.png
heydayplaster.com/fim/1138/
6 KB
6 KB
Image
General
Full URL
https://heydayplaster.com/fim/1138/e4823d94ae09c8e542435a787ff0f064.png
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58546497e0a9e6a4926b54b3ac5219a39ec48ebe6b821c1bc6f5a38e9f0c1f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5770
x-xss-protection
1; mode=block
last-modified
Sat, 11 Feb 2023 08:56:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osBEtvbJYOzqEXerkuFi1cDLkbNQvT%2BkVs1dRvhsiDkGbYAG8f6DdJLka7fYkk7ZGbK014zZ3M10lSMGxr0TihTjY9kK7F5R6wnefWDTDEV4tmlR%2BcsUDDgustBdvbAEOv%2FF%2Flm5qP5QSqWQY3eD1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68559cd872eb-LHR
expires
Sat, 18 Feb 2023 09:07:52 GMT
SFUIDisplay-Semibold.woff2
heydayplaster.com/views/mcafee/assets/
68 KB
68 KB
Font
General
Full URL
https://heydayplaster.com/views/mcafee/assets/SFUIDisplay-Semibold.woff2
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089f0e4eb0c3da1bb90dd02a3b851eb3108f5da6ae2e71309e0474c63e926310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Origin
https://heydayplaster.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
69120
x-xss-protection
1; mode=block
last-modified
Wed, 16 Feb 2022 21:06:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLuNPi4%2FlI%2Bt8FS9dfcG76BYFoQ%2FjEJRItXEZNBEWk0M576HVPO9tngsbtEf0uZlDWMeetebW4A6xYIyo4TcCZCZ14WXkQ1IHxXMuL9m%2FUGJu0RBCsMZjaGaAl2ybR%2FWisiqVCNrYlsyr0I3%2FnLZ5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68559cd972eb-LHR
expires
Fri, 17 Feb 2023 11:44:44 GMT
SFUIDisplay-Bold.woff2
heydayplaster.com/views/mcafee/assets/
67 KB
67 KB
Font
General
Full URL
https://heydayplaster.com/views/mcafee/assets/SFUIDisplay-Bold.woff2
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326ba4238bbe0d5c76b808d68a1716c8f3e12a7e5f11470d6bf77660c547d332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Origin
https://heydayplaster.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68104
x-xss-protection
1; mode=block
last-modified
Wed, 16 Feb 2022 21:06:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRV5CyMB02gi8pGjAP2CLRvswiIBNhElJOBvqmq5RtBtaH26NVclaZh4pm5AG22GZYDAGhErPIozKnRnblxbTSuolItdeGf8wykDAxDx2sPJ9kMUygK7lZ4SXG%2FZGOhJWyao5vDPPwAjfOCylYL9cw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68559cda72eb-LHR
expires
Fri, 17 Feb 2023 11:44:44 GMT
SFUIDisplay-Medium.woff2
heydayplaster.com/views/mcafee/assets/
67 KB
67 KB
Font
General
Full URL
https://heydayplaster.com/views/mcafee/assets/SFUIDisplay-Medium.woff2
Requested by
Host: heydayplaster.com
URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2594664b342515f02a0579dc4af1f912f8ae9f9b274b0238e17be801d1e5ea7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Origin
https://heydayplaster.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:30:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68608
x-xss-protection
1; mode=block
last-modified
Wed, 16 Feb 2022 21:06:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qk6CjfMX72MofKDZvNWv5N2tLPJrlu3X0md%2FmnCSN1%2BqRMUnXBltXCez1GtqiV1SSeimxaqOcB9koJzNS4KJGdcL2u6Tj5EEyU%2Bb%2BZOEYF3%2FS9amnAyz7CVgdRUHO5zaZw1YNw5tbSx4ibFEDl3bHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
797c68559cdb72eb-LHR
expires
Fri, 17 Feb 2023 11:44:44 GMT
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heydayplaster.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sat, 11 Feb 2023 10:30:10 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0AAJ1obUW2Anj7iELM412TPbBEhWepaX2hDrJ4SVv2urLFMSphO%2FoXMAD0tmWPsr25JN7f%2BZ1oHX44LSodsTkmzpn00evv1wJCaYtbA%2F%2FDZVRx7hA93tQeywKyI8zELoo0rrahp%2Bpq5dQhrqRjTVS23u3Ux"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://heydayplaster.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
797c6859c8af778b-LHR
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://heydayplaster.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://heydayplaster.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
797c68588e47778b-LHR
content-length
0
date
Sat, 11 Feb 2023 10:30:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuAYVKXfCODIa4qD9IzPxWzjSmJwCxNC3YUokImfREnBuRW8M6X%2F8xO3KPwUOtKC7XSJPY2SqbohUP0jniNhByp9HyEWcUi4bM1CZ3%2BeLX0SFpLevqbV5FsHG3u232EvfZdvc2mnRkGfw5yaRUCIF4duzX6N"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heydayplaster.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sat, 11 Feb 2023 10:30:10 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhUiyagvwz3391uqNDWUtgYe3PUHrqEHY%2FL6ZektRCH0I1jibPB3DyQpdIKZkpRtXkzuAh5ZJCV5HxqhYSTaBNhd3hgcSstsjstec35CG7LbySyooN6zMEsFiEh2f0f9LzE8GrtPFNxxfdsXL3NkvSKz9GEr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://heydayplaster.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
797c6859c8ab778b-LHR
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://heydayplaster.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://heydayplaster.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
797c68588e48778b-LHR
content-length
0
date
Sat, 11 Feb 2023 10:30:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0R%2BlCa%2Ba1Z8zW73czNb5cy1DoWGFhOWsV0FbOw07DZfEg7YXfKXGd1xID3Q0uBp3HZ546WiGqvCJ8uPIceHMclC9jnbJmaDNGnv3%2BnorLPnTbQZWyvmCioKOP1hu59spCAgwoBpYtoIbGG8qeR3SW3SfxOML"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers


25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange
function| change
object| MYCALL
string| s1
string| s2
string| esource
string| pshpub
string| pshdomain
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore
function| $
function| jQuery

5 Cookies

Domain/Path Name / Value
.sixflags.com/ Name: __cf_bm
Value: LB0tJF2MERPBFTDASKVuV1eNJNQznfQkk22IOcKZADA-1676111406-0-Af8CfYLIfH9jXCVcNUbTJXXoL1JH2YiV8zM6/cq2gIZDiJTIlSoIP8tHXuzDvzf75h9m1/VX+4XiZ+fC9Gctyig=
.sixflags.com/ Name: __cfruid
Value: e1c8322f988193d3862d0e800041f00cac43d956-1676111406
numericline.com/ Name: uid2546
Value: 920527474-20230211053007-6e8ba00f5ac8de45de6516c0788f5bbf-1781
deviationline.com/ Name: PHPSESSID
Value: cd53f695a3b25f6862fbebfe49af0f9b
heydayplaster.com/ Name: PHPSESSID
Value: 6a35f47837f5b22b4320a21eacdbcfed

1 Console Messages

Source Level URL
Text
other error URL: https://heydayplaster.com/a5c6d3f6267eda3ee0f8fa5b9949adad
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
