ipfs.io Open in urlscan Pro
2602:fea2:2::1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://track.smtpsendemail.com/9030104/c?p=2rHFi0LI91iNMklbhYPldLYtQLcZklDYOmAJlvZ02B3ul7CxCNYZFLJ4rhElWxN2XJCIaqOTneVI0P5DSvEQ...
Effective URL:
https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html
Submission: On February 06 via manual (February 6th 2023, 2:57:22 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 19 domains to perform 42 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is ipfs.io. The Cisco Umbrella rank of the primary domain is 46875.
TLS certificate: Issued by R3 on January 10th 2023. Valid for: 3 months.

This is the only time ipfs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.40.165.109 192.40.165.109	19005 (MOZGROUP-...) (MOZGROUP-SMTP)
1	170.106.49.115 170.106.49.115	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1 2	2602:fea2:2::1 2602:fea2:2::1	40680 (PROTOCOL) (PROTOCOL)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.91.26.29 74.91.26.29	33387 (NOCIX) (NOCIX)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2400:52e0:1e0... 2400:52e0:1e00::1055:1	200325 (BUNNYCDN) (BUNNYCDN)
1 1	192.69.21.48 192.69.21.48	21729 (CROWN-EQU...) (CROWN-EQUIPMENT)
16	193.158.69.70 193.158.69.70	3320 (DTAG Inte...) (DTAG Internet service provider operations)
1 1	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	18.210.254.78 18.210.254.78	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
4	2a02:26f0:11a... 2a02:26f0:11a::217:9a48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
42	20

1 192.40.165.109 (United States) 1 redirects

ASN19005 (MOZGROUP-SMTP, US)
PTR: track.smtpsend.com

track.smtpsendemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.106.49.115 (Ashburn, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

u356tgg.dss.us-east-1.oortech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:fea2:2::1 (United States) 1 redirects

ASN40680 (PROTOCOL, US)

ipfs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.91.26.29 (United States)

ASN33387 (NOCIX, US)
PTR: prompt-gcd.selflost.net

www.pngkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1055:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

ipfs.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.69.21.48 (United States) 1 redirects

ASN21729 (CROWN-EQUIPMENT, US)

crown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 193.158.69.70 (Zorneding, Germany)

ASN3320 (DTAG Internet service provider operations, DE)

www.crown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.254.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-254-78.compute-1.amazonaws.com

api.ipstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:11a::217:9a48 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	crown.com 1 redirects crown.com — Cisco Umbrella Rank: 143416 www.crown.com — Cisco Umbrella Rank: 278993	501 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 436 p.typekit.net — Cisco Umbrella Rank: 598	77 KB
3	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2258 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742	53 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	64 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	64 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	180 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	5 KB
2	ipfs.io 1 redirects ipfs.io — Cisco Umbrella Rank: 46875	16 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2295	495 B
1	ipstack.com api.ipstack.com — Cisco Umbrella Rank: 17930	1 KB
1	gstatic.com t3.gstatic.com	755 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	287 B
1	ipfs.tech ipfs.tech — Cisco Umbrella Rank: 443814
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 673	24 KB
1	pngkey.com www.pngkey.com — Cisco Umbrella Rank: 72080	58 KB
1	oortech.com u356tgg.dss.us-east-1.oortech.com	886 B
1	smtpsendemail.com 1 redirects track.smtpsendemail.com — Cisco Umbrella Rank: 136436	282 B
42	19

	Domain	Requested by
16	www.crown.com	ipfs.io www.crown.com
4	use.typekit.net	www.crown.com use.typekit.net
2	www.youtube.com	u356tgg.dss.us-east-1.oortech.com www.youtube.com
2	www.google-analytics.com	www.crown.com www.google-analytics.com
2	www.googletagmanager.com	www.crown.com www.googletagmanager.com
2	cdn.jsdelivr.net	ipfs.io www.googletagmanager.com
2	stackpath.bootstrapcdn.com	ipfs.io
2	ipfs.io	1 redirects u356tgg.dss.us-east-1.oortech.com
1	p.typekit.net	use.typekit.net
1	cdn.polyfill.io	www.crown.com
1	api.ipstack.com	www.crown.com
1	t3.gstatic.com	ipfs.io
1	www.google.com	1 redirects
1	crown.com	1 redirects
1	ipfs.tech	ipfs.io
1	ajax.googleapis.com	ipfs.io
1	maxcdn.bootstrapcdn.com	ipfs.io
1	cdnjs.cloudflare.com	ipfs.io
1	code.jquery.com	ipfs.io
1	www.pngkey.com	ipfs.io
1	u356tgg.dss.us-east-1.oortech.com
1	track.smtpsendemail.com	1 redirects
42	22

This site contains no links.

Subject Issuer	Validity	Valid
*.dss.us-east-1.oortech.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-22` - `2023-11-22`	a year	crt.sh
dweb.link R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
pngkey.com R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
www.crown.com DigiCert SHA2 Extended Validation Server CA	`2022-03-07` - `2023-03-07`	a year	crt.sh
apilayer.net Amazon	`2022-10-10` - `2023-11-08`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html
Frame ID: CDE7156F7A448BD7F376ABC4897CB4A8
Requests: 13 HTTP requests in this frame

Frame: https://www.crown.com/global-selector-page.html
Frame ID: 52920B5981DD8CAC978AC41EBB596042
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CROWN

Page URL History Show full URLs

http://track.smtpsendemail.com/9030104/c?p=2rHFi0LI91iNMklbhYPldLYtQLcZklDYOmAJlvZ02B3ul7CxCNYZFLJ4rhElWxN2... HTTP 302
https://u356tgg.dss.us-east-1.oortech.com/index.html Page URL
https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/clientlibs/
/etc\.clientlibs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

42
Requests

95 %
HTTPS

73 %
IPv6

19
Domains

22
Subdomains

20
IPs

6
Countries

1080 kB
Transfer

3376 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://track.smtpsendemail.com/9030104/c?p=2rHFi0LI91iNMklbhYPldLYtQLcZklDYOmAJlvZ02B3ul7CxCNYZFLJ4rhElWxN2XJCIaqOTneVI0P5DSvEQjCk1-jkh0ODLnJVNYNLIOdRYlxLeEQlMN2BB_PzjEoMlTTLUfA38gNgA7XuwuQUThkzg3zgjNj3UBGJp0fURKoZAMiWSUB1vaSEKCkciM-4g1R4v4JcUtd3TRzygWE1Yqg== HTTP 302
https://u356tgg.dss.us-east-1.oortech.com/index.html Page URL
https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://track.smtpsendemail.com/9030104/c?p=2rHFi0LI91iNMklbhYPldLYtQLcZklDYOmAJlvZ02B3ul7CxCNYZFLJ4rhElWxN2XJCIaqOTneVI0P5DSvEQjCk1-jkh0ODLnJVNYNLIOdRYlxLeEQlMN2BB_PzjEoMlTTLUfA38gNgA7XuwuQUThkzg3zgjNj3UBGJp0fURKoZAMiWSUB1vaSEKCkciM-4g1R4v4JcUtd3TRzygWE1Yqg== HTTP 302
https://u356tgg.dss.us-east-1.oortech.com/index.html

Request Chain 10

https://ipfs.io/img/bg-image.jpg HTTP 301
https://ipfs.tech/img/bg-image.jpg

Request Chain 11

https://crown.com/ HTTP 301
https://www.crown.com/

Request Chain 12

https://www.google.com/s2/favicons?domain=https://crown.com HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://crown.com&size=16

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html
u356tgg.dss.us-east-1.oortech.com/
Redirect Chain

http://track.smtpsendemail.com/9030104/c?p=2rHFi0LI91iNMklbhYPldLYtQLcZklDYOmAJlvZ02B3ul7CxCNYZFLJ4rhElWxN2XJCIaqOTneVI0P5DSvEQjCk1-jkh0ODLnJVNYNLIOdRYlxLeEQlMN2BB_PzjEoMlTTLUfA38gNgA7XuwuQUThkzg3z...
https://u356tgg.dss.us-east-1.oortech.com/index.html

198 B
886 B

343ms
116ms

Document
text/html

170.106.49.115
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://u356tgg.dss.us-east-1.oortech.com/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.106.49.115 Ashburn, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Authorization, Content-Length, X-CSRF-Token, token, session, Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
access-control-max-age: 3628800
content-disposition: inline; filename="index.html"
content-encoding: gzip
content-type: text/html
date: Mon, 06 Feb 2023 14:57:17 GMT
last-modified: Mon, 06 Feb 2023 08:02:06 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 06 Feb 2023 14:57:17 GMT
Location: https://u356tgg.dss.us-east-1.oortech.com/index.html#john.tate@crown.com
Server: nginx

GET
H2 200 Primary Request QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE Show response
ipfs.io/ipfs/ 30 KB
16 KB 23ms
7ms Document
text/html 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Requested by

Host: u356tgg.dss.us-east-1.oortech.com
URL: https://u356tgg.dss.us-east-1.oortech.com/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

a73e8c6e685b26b006d896094a17d9a677960efa69fe31503a2d13c4c484b3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://u356tgg.dss.us-east-1.oortech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods: GET GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="pag.html"; filename*=UTF-8''pag.html
content-encoding: gzip
content-type: text/html
date: Mon, 06 Feb 2023 14:57:17 GMT
etag: W/"QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE"
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-ipfs-datasize: 30715
x-ipfs-gateway-host: ipfs-bank7-fr2
x-ipfs-lb-pop: gateway-bank2-fr2
x-ipfs-path: /ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE
x-ipfs-pop: ipfs-bank7-fr2
x-ipfs-roots: QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE
x-proxy-cache: HIT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 35ms
18ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 894
age: 3913818
cdn-cachedat: 06/21/2022 18:36:46
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 26dc42b107cdf3a7e53269f95f5a14ed
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7954bcc65cbe2bf6-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 273-2730664_post-3952-0-55928700-1409495560-thumb-antivirus-eset.png
www.pngkey.com/png/detail/ 77 KB
58 KB 522ms
250ms Image
image/png 74.91.26.29
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngkey.com/png/detail/273-2730664_post-3952-0-55928700-1409495560-thumb-antivirus-eset.png
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.91.26.29 , United States, ASN33387 (NOCIX, US),
Reverse DNS: prompt-gcd.selflost.net
Software: nginx/1.14.0 /
Resource Hash: b0f4eaefd45c14ca5f25b0906c439d18140cf26c7a512cf6932b0716833eb86c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Nov 2018 16:08:02 GMT
Server: nginx/1.14.0
ETag: W/"5bfc1a62-132aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 40ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://ipfs.io/
Origin: https://ipfs.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:17 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-10fdd"
vary: Accept-Encoding
x-hw: 1675695437.dop057.fr8.t,1675695437.cds143.fr8.hn,1675695437.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 31ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipfs.io/
Origin: https://ipfs.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 474437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WErFMbFi9wt9Fzyegwd0c7KdOf33PH%2Bm26Qs0iu3wW1QhZcTRkOBmodF93yvtdu%2BWpFGjp4VADy8Y%2Bw03okZv0RO0%2F%2F2cdK1tuo3RAOczw6rBy2ZL9oiEPmnrTavnYWCb61cfYIHymHPIFaH7WzD6Pi4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7954bcc69efd3819-FRA
expires: Sat, 27 Jan 2024 14:57:17 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 34ms
16ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipfs.io/
Origin: https://ipfs.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 1850885
cdn-cachedat: 03/10/2022 17:24:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ef892ff5c9dc085ec0475b37e1c16524
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7954bcc69c9791d2-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 100ms
23ms Script
text/javascript 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:22:58 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 15ms
14ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 845
age: 3913620
cdn-cachedat: 07/13/2022 17:30:46
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7bde012c47e0eeb67993e8e75d655340
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7954bcc67cee2bf6-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.session.min.js Show response
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ 2 KB
1 KB 51ms
11ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 14:57:17 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 5381701
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 933
x-served-by: cache-fra-eddf8230128-FRA, cache-hhn-etou8220046-HHN
x-jsd-version-type: version
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99b5561cd177e23d6a81072c2e739d11e0e2f2c591a4a1483c6f15292cdec1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2

404

bg-image.jpg
ipfs.tech/img/
Redirect Chain

https://ipfs.io/img/bg-image.jpg
https://ipfs.tech/img/bg-image.jpg

0
0

75ms
53ms

Image
text/plain

2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipfs.tech/img/bg-image.jpg
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html
Protocol: H2
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Mon, 06 Feb 2023 14:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: openresty
x-ipfs-lb-pop: gateway-bank2-fr2
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ipfs.tech/img/bg-image.jpg
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length: 166

GET
H/1.1

200
OK

/ Show response
www.crown.com/ Frame 5292
Redirect Chain

https://crown.com/
https://www.crown.com/

8 KB
2 KB

123ms
25ms

Document
text/html

193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

c108ae518bc41e2a2e4359f3052095c39f99d02dc05f4abdcd5922a33134d43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipfs.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: https://shop.crown.com
Age: 15
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1866
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Feb 2023 14:57:18 GMT
ETag: "1f18-5f4093e79d3d7-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 06 Feb 2023 14:57:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

Connection: Keep-Alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 06 Feb 2023 14:57:18 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.crown.com/
Server: Apache
Strict-Transport-Security: max-age=63072000

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://crown.com
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://crown.com&size=16

207 B
755 B

51ms
14ms

Image
image/png

2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://crown.com&size=16

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/QmRPrtqcDbZew4UG96ajGUbFfNzY4KRQWHFGjzKwLC5dzE?filename=pag.html

Protocol

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1266c6877cabe041c29a73c7be03491d9124f067c92964e5d8ab83eadaecfde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:18 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207
x-xss-protection: 0
last-modified: Wed, 19 Jun 2019 17:47:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.crown.com/etc/designs/global-web/favicon.ico
expires: Mon, 13 Feb 2023 14:57:18 GMT

Redirect headers

date: Mon, 06 Feb 2023 14:57:18 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://crown.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Mon, 06 Feb 2023 15:27:18 GMT

GET
H/1.1 200
OK clientlib-jquery.min.e122e9399f7e45d1282df356d3ab371d.js Show response
www.crown.com/etc.clientlibs/global-web/clientlibs/ Frame 5292 90 KB
32 KB 24ms
24ms Script
application/javascript 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/etc.clientlibs/global-web/clientlibs/clientlib-jquery.min.e122e9399f7e45d1282df356d3ab371d.js

Requested by

Host: www.crown.com
URL: https://www.crown.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

284e4217b73408866a3f15eb5a67815caa5db9825c03e46731e4c0728e742d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:18 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 1044689
Connection: Keep-Alive
Content-Length: 32264
Last-Modified: Tue, 20 Jul 2021 15:21:02 GMT
Server: Apache
ETag: "16639-5c78f9a07b380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: https://shop.crown.com
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK ipstackapiservlet Show response
www.crown.com/bin/ Frame 5292 32 B
385 B 140ms
140ms XHR
application/json 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/bin/ipstackapiservlet

Requested by

Host: www.crown.com
URL: https://www.crown.com/etc.clientlibs/global-web/clientlibs/clientlib-jquery.min.e122e9399f7e45d1282df356d3ab371d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

fb0c9ecffa01b800f7dce992e972fac3f4dd44d8fba6cf4683e4ac782dec0a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.crown.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:18 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://shop.crown.com
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 32

GET
H/1.1 200
OK check Show response
api.ipstack.com/ Frame 5292 964 B
1 KB 465ms
134ms Script
application/javascript 18.210.254.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipstack.com/check?access_key=ebd4b27f79ff83f8b0f6363525f4c67c&callback=jQuery35107744640011727706_1675695438612&_=1675695438613
Requested by: Host: www.crown.com
URL: https://www.crown.com/etc.clientlibs/global-web/clientlibs/clientlib-jquery.min.e122e9399f7e45d1282df356d3ab371d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.254.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-254-78.compute-1.amazonaws.com
Software: /
Resource Hash: a9f96a0959df1c3bdd46c8b9de9ac952ece3cbe8a491162570267651cfffc5b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:19 GMT
x-apilayer-transaction-id: b802aa3d-9df0-4927-bc02-3a8e98e9f71c
transfer-encoding: chunked
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-request-time: 0.031
x-quota-limit: 500000
access-control-allow-headers: *
x-increment-usage: 1
x-quota-remaining: 491788

HEAD
H/1.1 404
Not Found en-de.html Show response
www.crown.com/ Frame 5292 0
295 B 141ms
141ms XHR
text/html 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/en-de.html

Requested by

Host: www.crown.com
URL: https://www.crown.com/etc.clientlibs/global-web/clientlibs/clientlib-jquery.min.e122e9399f7e45d1282df356d3ab371d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Referer: https://www.crown.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:19 GMT
Strict-Transport-Security: max-age=63072000
x-aem-error-pass: true
Server: Apache
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: https://shop.crown.com
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK global-selector-page.html Show response
www.crown.com/ Frame 5292 57 KB
6 KB 505ms
505ms Document
text/html 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/global-selector-page.html

Requested by

Host: www.crown.com
URL: https://www.crown.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

e8d7a458894b62b498f79a9660bcc9c638ec6c3d94f8ff6f8bfbf76acd41f566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: https://shop.crown.com
Age: 0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5965
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Feb 2023 14:57:19 GMT
ETag: W/"e360-5f4093f7269dc-gzip"
Keep-Alive: timeout=5, max=96
Last-Modified: Mon, 06 Feb 2023 14:57:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK granite.min.57766139da76f0bf04fd814b060cbf14.js Show response
www.crown.com/etc/clientlibs/global-web/ Frame 5292 115 KB
41 KB 26ms
26ms Script
application/javascript 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/etc/clientlibs/global-web/granite.min.57766139da76f0bf04fd814b060cbf14.js

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

a8a8a05d2eadbfc440401dafcc196ac51a198f57a8f07717acc5cbc8e3aec31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:19 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 1045009
Connection: Keep-Alive
Content-Length: 41512
Last-Modified: Wed, 30 May 2018 13:54:33 GMT
Server: Apache
ETag: "1cb07-56d6cb0c2b840-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: https://shop.crown.com
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 5292 222 B
495 B 76ms
46ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.min.js
Requested by: Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:19 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2023 20:44:27 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/109.0.0
server-timing: PASS, fastly;desc="Edge time";dur=31
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 126

GET
H/1.1 200
OK application.css
www.crown.com/etc/clientlibs/global-web/page/head/css/compiled/ Frame 5292 475 KB
75 KB 105ms
49ms Stylesheet
text/css 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/etc/clientlibs/global-web/page/head/css/compiled/application.css

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

34025ee2b4f6cb940f36cb90537e13d8bcff43ebc4db77a74d6ad998e63adb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:19 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Jan 2023 12:27:15 GMT
Server: Apache
Age: 1045009
ETag: "76c39-5f315c09e0ec0-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: https://shop.crown.com
Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 teg2oye.css
use.typekit.net/ Frame 5292 6 KB
1 KB 126ms
33ms Stylesheet
text/css 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/teg2oye.css

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

982e87ad37abc85471ece68e29fa344d83ea1e1f07aa8c14a21a50e3f58d958c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 06 Feb 2023 14:57:20 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 897

GET
H/1.1 200
OK clientlib-vendor.min.2e81a7e4810ec301db3db4fc3233ce35.js Show response
www.crown.com/etc.clientlibs/global-web/clientlibs/ Frame 5292 739 KB
199 KB 96ms
39ms Script
application/javascript 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/etc.clientlibs/global-web/clientlibs/clientlib-vendor.min.2e81a7e4810ec301db3db4fc3233ce35.js

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

68ebf3b6f8f6e5ca2f57b0f9c036441f3370016f8628358ea93cdde2d7f3c6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:19 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 1045009
Transfer-Encoding: chunked
Connection: Keep-Alive
Last-Modified: Thu, 05 May 2022 00:51:06 GMT
Server: Apache
ETag: "b8d00-5de39230b5280-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: https://shop.crown.com
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK crown-logo.png
www.crown.com/content/dam/crown/images/global-product-selector/ Frame 5292 2 KB
3 KB 56ms
26ms Image
image/png 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crown.com/content/dam/crown/images/global-product-selector/crown-logo.png

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

ff40b1fdb023ed9f6f888dff9e8195405094d94f8d202952e56cf02dd50d2a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Sep 2016 12:30:56 GMT
Server: Apache
Age: 1807752
ETag: "95d-53bea15b32000"
Content-Type: image/png
Access-Control-Allow-Origin: https://shop.crown.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2397

GET
H/1.1 200
OK americas-map.jpg
www.crown.com/content/dam/crown/images/global-product-selector/ Frame 5292 5 KB
5 KB 62ms
18ms Image
image/jpeg 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crown.com/content/dam/crown/images/global-product-selector/americas-map.jpg

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

2fec18866acb90d1d95f624a65fc25f0e3ceccd3d1b47cbe303e8f2f243d3bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Sep 2016 12:30:56 GMT
Server: Apache
Age: 1807752
ETag: "1217-53bea15b32000"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://shop.crown.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 4631

GET
H/1.1 200
OK emea-map.jpg
www.crown.com/content/dam/crown/images/global-product-selector/ Frame 5292 5 KB
5 KB 45ms
25ms Image
image/jpeg 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crown.com/content/dam/crown/images/global-product-selector/emea-map.jpg

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

bbafb26a4e637c921b9f8944817f42b5d96f290735a68905667606301ff70c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Sep 2016 12:30:56 GMT
Server: Apache
Age: 1807752
ETag: "136e-53bea15b32000"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://shop.crown.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4974

GET
H/1.1 200
OK apac-map.jpg
www.crown.com/content/dam/crown/images/global-product-selector/ Frame 5292 4 KB
4 KB 48ms
28ms Image
image/jpeg 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crown.com/content/dam/crown/images/global-product-selector/apac-map.jpg

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

9338d9e7a265255b8bc39b4901fed0286a366b04ec68135d84b657e6ea2e9b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Sep 2016 12:30:56 GMT
Server: Apache
Age: 1807752
ETag: "e93-53bea15b32000"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://shop.crown.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3731

GET
H/1.1 200
OK clientlib.min.a3d0ad5b245f2d2bfc70b35f228f22aa.js Show response
www.crown.com/etc/clientlibs/global-web/ Frame 5292 214 KB
58 KB 40ms
39ms Script
application/javascript 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/etc/clientlibs/global-web/clientlib.min.a3d0ad5b245f2d2bfc70b35f228f22aa.js

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

28252d34a2fa7f10885b3066416fb56d4b0a760d800af9c5c96b33605f0a5d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 1044987
Transfer-Encoding: chunked
Connection: Keep-Alive
Last-Modified: Tue, 13 Dec 2022 02:18:04 GMT
Server: Apache
ETag: "35681-5efac3ad4ef00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: https://shop.crown.com
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK dealerLocator.min.4cec692d3c4f632653e87fceb4c3104a.js Show response
www.crown.com/etc/clientlibs/global-web/ Frame 5292 6 KB
2 KB 55ms
25ms Script
application/javascript 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/etc/clientlibs/global-web/dealerLocator.min.4cec692d3c4f632653e87fceb4c3104a.js

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

e53fae838c2be5b38e88b17a693034896bdd72e5a997d9aa1ab8788a453f5482

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 1045022
Connection: Keep-Alive
Content-Length: 1842
Last-Modified: Wed, 25 Jan 2023 12:27:15 GMT
Server: Apache
ETag: "1618-5f315c09e0ec0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: https://shop.crown.com
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK token.json Show response
www.crown.com/libs/granite/csrf/ Frame 5292 2 B
397 B 141ms
141ms XHR
application/json 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crown.com/libs/granite/csrf/token.json

Requested by

Host: www.crown.com
URL: https://www.crown.com/etc/clientlibs/global-web/granite.min.57766139da76f0bf04fd814b060cbf14.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=iso-8859-1
Access-Control-Allow-Origin: https://shop.crown.com
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 2
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5292 379 KB
101 KB 128ms
64ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJLHW2

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ff6190020c1f459577cd0186b899c4acc75843ec1f7df61aff8f26bffb9a1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102814
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 14:57:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5292 49 KB
20 KB 83ms
20ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 13:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6312
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Feb 2023 15:12:08 GMT

GET
H2 200 p.css
p.typekit.net/ Frame 5292 5 B
181 B 91ms
13ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=teg2oye&ht=tk&f=6803.6805.6846.6848.6849.6850.6851.6852&a=919409&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/teg2oye.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/cafa63/00000000000000000001709a/27/ Frame 5292 25 KB
25 KB 88ms
34ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cafa63/00000000000000000001709a/27/l?primer=b93a5577135833316a4dada2798b83b950903b2a476aaa097bde85ee821a901d&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/teg2oye.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b63399e1bfa31e4038387652f785e238a10a362224150167749cd1ca415a1136

Request headers

Referer: https://use.typekit.net/teg2oye.css
Origin: https://www.crown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
server: nginx
etag: "1c8c6addb208cd91fea0699ce938797274078623"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25724

GET
H2 200 l
use.typekit.net/af/b9b50c/0000000000000000000170b1/27/ Frame 5292 25 KB
25 KB 69ms
32ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b9b50c/0000000000000000000170b1/27/l?primer=b93a5577135833316a4dada2798b83b950903b2a476aaa097bde85ee821a901d&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/teg2oye.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0be808ad4fd3f30b8419f51b2ac80e1e57adf7ebd7fff80208b277e890532b10

Request headers

Referer: https://use.typekit.net/teg2oye.css
Origin: https://www.crown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
server: nginx
etag: "6027a144992ddc9380ae8da1a59db8034f74c134"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25328

GET
H2 200 l
use.typekit.net/af/c630c3/000000000000000000017098/27/ Frame 5292 25 KB
25 KB 68ms
30ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c630c3/000000000000000000017098/27/l?primer=b93a5577135833316a4dada2798b83b950903b2a476aaa097bde85ee821a901d&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/teg2oye.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2288bbb496e0f123d945c54dc62fd45daed46135feec06682948f4f829ee7eb4

Request headers

Referer: https://use.typekit.net/teg2oye.css
Origin: https://www.crown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
server: nginx
etag: "98dc57d3422d536c5c97048c33dc30ee0868ac24"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25332

GET
H2 200 js Show response
www.google-analytics.com/gtm/ Frame 5292 111 KB
44 KB 47ms
46ms Script
application/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PG9R4SC&cid=536842915.1675695440

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeb73ca50d137de8382406a1079e46e45e5b42b131faefcf8032a31171acb2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44404
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 14:57:20 GMT

GET
H/1.1 200
OK bkgd-image.jpg
www.crown.com/content/dam/crown/images/global-product-selector/ Frame 5292 67 KB
67 KB 25ms
25ms Image
image/jpeg 193.158.69.70
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crown.com/content/dam/crown/images/global-product-selector/bkgd-image.jpg

Requested by

Host: www.crown.com
URL: https://www.crown.com/global-selector-page.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.158.69.70 Zorneding, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

3e2f938ffc8f71d03467312b379a277efff10ce958ac3c92d6b447e962ba8070

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/global-selector-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:57:20 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 Jun 2018 13:36:49 GMT
Server: Apache
Age: 1807750
ETag: "10a85-56dd1068c3e40"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://shop.crown.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 68229

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 5292 992 B
2 KB 132ms
68ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: u356tgg.dss.us-east-1.oortech.com
URL: https://u356tgg.dss.us-east-1.oortech.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3bbfd5809ca9c520b3565dad1b49bebe6da051f31d29db91c24711ccd98dfdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 06 Feb 2023 14:57:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5292 233 KB
79 KB 52ms
52ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5DY05YPM6T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJLHW2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c0a77a2d55fc7811fc44a8ec160037cee762827914c549171d05e2fcfec0049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:57:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Feb 2023 14:57:20 GMT

GET
H2 200 htmlMediaElementsTracker.min.js Show response
cdn.jsdelivr.net/npm/@analytics-debugger/html-media-elements@latest/dist/ Frame 5292 9 KB
3 KB 14ms
14ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@analytics-debugger/html-media-elements@latest/dist/htmlMediaElementsTracker.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJLHW2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7bad5fe315f9cc904e9b2359ac8ae82bb77a049bc6aa6928a69bcc25ce292b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 14:57:20 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 31032
x-jsd-version: 0.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3070
x-served-by: cache-fra-eddf8230113-FRA, cache-hhn-etou8220046-HHN
x-jsd-version-type: version
etag: W/"2552-QY5YDe2QAjm3BD4caHhXhH8nqww"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/ Frame 5292 184 KB
62 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c10e8ee50e4bf9b31339e9806ede6d08cfffeb40165e0c49553482fe710066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63074
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 14:32:51 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ipfs.io/	1970-01-20 09:28:15	Name: __session:0.6526907350895077: Value: https:
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: eFYd78Dbdps
.youtube.com/	1970-01-20 13:47:27	Name: DEVICE_INFO Value: ChxOekU1TnpBMU56RXhORGcwT1RNMU1USXlOdz09ENCqhJ8GGNCqhJ8G
.youtube.com/	1970-01-20 13:47:27	Name: VISITOR_INFO1_LIVE Value: hti3CPnqWuw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network	error	URL: https://ipfs.tech/img/bg-image.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.crown.com/etc.clientlibs/global-web/clientlibs/clientlib-jquery.min.e122e9399f7e45d1282df356d3ab371d.js(Line 166) Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipstack.com
cdn.jsdelivr.net
cdn.polyfill.io
cdnjs.cloudflare.com
code.jquery.com
crown.com
ipfs.io
ipfs.tech
maxcdn.bootstrapcdn.com
p.typekit.net
stackpath.bootstrapcdn.com
t3.gstatic.com
track.smtpsendemail.com
u356tgg.dss.us-east-1.oortech.com
use.typekit.net
www.crown.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.pngkey.com
www.youtube.com
170.106.49.115
18.210.254.78
192.40.165.109
192.69.21.48
193.158.69.70
2001:4de0:ac18::1:a:1b
2400:52e0:1e00::1055:1
2602:fea2:2::1
2606:4700::6811:190e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:827::2004
2a00:1450:400d:806::200e
2a00:1450:400d:808::2004
2a00:1450:400d:808::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2008
2a02:26f0:11a::217:9a48
2a02:26f0:3500:16::215:148b
2a04:4e42:200::485
2a04:4e42:400::282
74.91.26.29
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0be808ad4fd3f30b8419f51b2ac80e1e57adf7ebd7fff80208b277e890532b10
1266c6877cabe041c29a73c7be03491d9124f067c92964e5d8ab83eadaecfde4
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ff6190020c1f459577cd0186b899c4acc75843ec1f7df61aff8f26bffb9a1be
2288bbb496e0f123d945c54dc62fd45daed46135feec06682948f4f829ee7eb4
28252d34a2fa7f10885b3066416fb56d4b0a760d800af9c5c96b33605f0a5d98
284e4217b73408866a3f15eb5a67815caa5db9825c03e46731e4c0728e742d9a
2fec18866acb90d1d95f624a65fc25f0e3ceccd3d1b47cbe303e8f2f243d3bf3
34025ee2b4f6cb940f36cb90537e13d8bcff43ebc4db77a74d6ad998e63adb7a
3e2f938ffc8f71d03467312b379a277efff10ce958ac3c92d6b447e962ba8070
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c0a77a2d55fc7811fc44a8ec160037cee762827914c549171d05e2fcfec0049
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
60c10e8ee50e4bf9b31339e9806ede6d08cfffeb40165e0c49553482fe710066
68ebf3b6f8f6e5ca2f57b0f9c036441f3370016f8628358ea93cdde2d7f3c6f7
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
9338d9e7a265255b8bc39b4901fed0286a366b04ec68135d84b657e6ea2e9b57
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
982e87ad37abc85471ece68e29fa344d83ea1e1f07aa8c14a21a50e3f58d958c
99b5561cd177e23d6a81072c2e739d11e0e2f2c591a4a1483c6f15292cdec1ab
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a73e8c6e685b26b006d896094a17d9a677960efa69fe31503a2d13c4c484b3e4
a8a8a05d2eadbfc440401dafcc196ac51a198f57a8f07717acc5cbc8e3aec31b
a9f96a0959df1c3bdd46c8b9de9ac952ece3cbe8a491162570267651cfffc5b9
b0f4eaefd45c14ca5f25b0906c439d18140cf26c7a512cf6932b0716833eb86c
b63399e1bfa31e4038387652f785e238a10a362224150167749cd1ca415a1136
bbafb26a4e637c921b9f8944817f42b5d96f290735a68905667606301ff70c90
c108ae518bc41e2a2e4359f3052095c39f99d02dc05f4abdcd5922a33134d43e
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d3bbfd5809ca9c520b3565dad1b49bebe6da051f31d29db91c24711ccd98dfdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53fae838c2be5b38e88b17a693034896bdd72e5a997d9aa1ab8788a453f5482
e7bad5fe315f9cc904e9b2359ac8ae82bb77a049bc6aa6928a69bcc25ce292b6
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8d7a458894b62b498f79a9660bcc9c638ec6c3d94f8ff6f8bfbf76acd41f566
eeb73ca50d137de8382406a1079e46e45e5b42b131faefcf8032a31171acb2ee
fb0c9ecffa01b800f7dce992e972fac3f4dd44d8fba6cf4683e4ac782dec0a3b
ff40b1fdb023ed9f6f888dff9e8195405094d94f8d202952e56cf02dd50d2a38

ipfs.io Open in urlscan Pro 2602:fea2:2::1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

95 %HTTPS

73 %IPv6

19 Domains

22 Subdomains

20 IPs

6 Countries

1080 kBTransfer

3376 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ipfs.io Open in urlscan Pro
2602:fea2:2::1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

95 %
HTTPS

73 %
IPv6

19
Domains

22
Subdomains

20
IPs

6
Countries

1080 kB
Transfer

3376 kB
Size

4
Cookies

42 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!