www.buchheits.com Open in urlscan Pro
35.160.166.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u9912718.ct.sendgrid.net/ls/click?upn=MTrajQGPjZVpezsYe7p6-2Bb4aOdINotdpMEEBQx-2F0Wjc-3D_qx2_BSvGzVec9G4kGdtxDAT2BmtnaJuG...
Effective URL:
https://www.buchheits.com/
Submission: On November 16 via manual (November 16th 2023, 8:32:47 pm UTC) from MX — Scanned from US

Summary HTTP 154 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 45 IPs in 2 countries across 46 domains to perform 154 HTTP transactions. The main IP is 35.160.166.85, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.buchheits.com. The Cisco Umbrella rank of the primary domain is 654720.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 7th 2023. Valid for: a year.

This is the only time www.buchheits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID)
1 1	35.155.196.186 35.155.196.186	16509 (AMAZON-02) (AMAZON-02)
1 15	35.160.166.85 35.160.166.85	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
15	108.139.29.34 108.139.29.34	16509 (AMAZON-02) (AMAZON-02)
1	13.35.93.60 13.35.93.60	16509 (AMAZON-02) (AMAZON-02)
12	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	18.164.124.111 18.164.124.111	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:b0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:215... 2600:9000:215f:2000:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	34.83.202.81 34.83.202.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
2	54.192.51.43 54.192.51.43	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	34.29.191.173 34.29.191.173	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
22 25	34.133.71.175 34.133.71.175	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2600:9000:215... 2600:9000:215f:fa00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 2	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
1	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:65f5:303c:b7e2:2e7f	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.162.3.89 3.162.3.89	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:21d... 2600:9000:21da:8200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:215... 2600:9000:215f:9a00:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.85.132.15 52.85.132.15	16509 (AMAZON-02) (AMAZON-02)
1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	63.251.28.133 63.251.28.133	26558 (FREEWHEEL) (FREEWHEEL)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
4 4	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	52.3.119.146 52.3.119.146	14618 (AMAZON-AES) (AMAZON-AES)
1	23.62.105.110 23.62.105.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	54.211.145.128 54.211.145.128	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.92.190.69 23.92.190.69	10913 (INTERNAP-BLK) (INTERNAP-BLK)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1 2	68.67.178.10 68.67.178.10	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
154	45

1 167.89.123.16 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u9912718.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.196.186 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-196-186.us-west-2.compute.amazonaws.com

buchheits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.160.166.85 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-166-85.us-west-2.compute.amazonaws.com

www.buchheits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 108.139.29.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-34.jfk50.r.cloudfront.net

d3jf0pgexz92qy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-60.jfk50.r.cloudfront.net

d3sfvumtar0nke.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0d (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 18.164.124.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-111.jfk50.r.cloudfront.net

images.buchheits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:b0d (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:215f:2000:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.83.202.81 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.202.83.34.bc.googleusercontent.com

60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

buchheitshelp.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.51.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-43.yul62.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.29.191.173 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.191.29.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.133.71.175 (Council Bluffs, United States) 22 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:fa00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.127.204.142 (United States) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:65f5:303c:b7e2:2e7f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-89.yul62.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:8200:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:9a00:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.132.15 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-15.iad50.r.cloudfront.net

syncv4.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.119.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-119-146.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.105.110 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-105-110.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.211.145.128 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-145-128.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.92.190.69 (Houston, United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.178.10 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	buchheits.com 2 redirects buchheits.com — Cisco Umbrella Rank: 605710 www.buchheits.com — Cisco Umbrella Rank: 654720 images.buchheits.com — Cisco Umbrella Rank: 811972	638 KB
27	simpli.fi 22 redirects tag.simpli.fi — Cisco Umbrella Rank: 4323 i.simpli.fi — Cisco Umbrella Rank: 3693 um.simpli.fi — Cisco Umbrella Rank: 795	12 KB
16	cloudfront.net d3jf0pgexz92qy.cloudfront.net d3sfvumtar0nke.cloudfront.net	670 KB
12	gstatic.com fonts.gstatic.com	534 KB
8	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 15282 60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com	140 KB
7	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	4 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2137 ekr.zdassets.com — Cisco Umbrella Rank: 2470	548 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	238 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2436 pbid.pro-market.net — Cisco Umbrella Rank: 7860	1 KB
3	intentiq.com 2 redirects sync.intentiq.com — Cisco Umbrella Rank: 886 syncv4.intentiq.com — Cisco Umbrella Rank: 15800	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	626 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 522	511 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	893 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 415	832 B
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 882	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	834 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	683 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1743	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 560 d.agkn.com — Cisco Umbrella Rank: 755	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	730 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	959 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
2	reachlocalservices.com capture-api.reachlocalservices.com — Cisco Umbrella Rank: 18380	571 B
2	zendesk.com buchheitshelp.zendesk.com	2 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	69 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8345 prism.app-us1.com — Cisco Umbrella Rank: 8381	8 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	774 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 145	547 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 988	634 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 921	446 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1749	421 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566	654 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924	552 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6321	175 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	452 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 716	545 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 8582	315 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	6 KB
1	sendgrid.net 1 redirects u9912718.ct.sendgrid.net	225 B
154	46

	Domain	Requested by
39	images.buchheits.com	www.buchheits.com d3jf0pgexz92qy.cloudfront.net
25	um.simpli.fi	22 redirects
15	d3jf0pgexz92qy.cloudfront.net	www.buchheits.com d3jf0pgexz92qy.cloudfront.net
15	www.buchheits.com	1 redirects d3jf0pgexz92qy.cloudfront.net
12	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	www.buchheits.com d3sfvumtar0nke.cloudfront.net client
5	60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com	cdn.rlets.com d3jf0pgexz92qy.cloudfront.net
5	static.zdassets.com	d3jf0pgexz92qy.cloudfront.net static.zdassets.com
4	cm.g.doubleclick.net	4 redirects
4	www.google-analytics.com	www.googletagmanager.com d3jf0pgexz92qy.cloudfront.net
4	www.googletagmanager.com	d3jf0pgexz92qy.cloudfront.net www.buchheits.com www.googletagmanager.com cdn.rlets.com
3	www.google.com	www.buchheits.com
3	cdn.rlets.com	d3jf0pgexz92qy.cloudfront.net cdn.rlets.com
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	px.ads.linkedin.com	1 redirects
2	idsync.rlcdn.com	2 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	syncv4.intentiq.com	1 redirects
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.1rx.io	2 redirects
2	s.amazon-adsystem.com	1 redirects
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	cdn.rlets.com connect.facebook.net
2	bat.bing.com	www.buchheits.com
2	capture-api.reachlocalservices.com	d3jf0pgexz92qy.cloudfront.net
2	buchheitshelp.zendesk.com	static.zdassets.com
2	ekr.zdassets.com	d3jf0pgexz92qy.cloudfront.net
2	www.youtube.com	d3jf0pgexz92qy.cloudfront.net www.youtube.com
1	www.facebook.com
1	pixel.rubiconproject.com
1	www.googleadservices.com	1 redirects
1	pippio.com	1 redirects
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	ads.stickyadstv.com
1	image2.pubmatic.com
1	sync.intentiq.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net	1 redirects
1	i.simpli.fi	tag.simpli.fi
1	tag.simpli.fi	cdn.rlets.com
1	stats.g.doubleclick.net	d3jf0pgexz92qy.cloudfront.net
1	trackcmp.net	diffuser-cdn.app-us1.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	www.buchheits.com
1	d3sfvumtar0nke.cloudfront.net	client
1	cdnjs.cloudflare.com	www.buchheits.com
1	buchheits.com	1 redirects
1	u9912718.ct.sendgrid.net	1 redirects
154	59

This site contains links to these domains. Also see Links.

Domain
maps.google.com

Subject Issuer	Validity	Valid
www.buchheits.com Amazon RSA 2048 M01	`2023-08-07` - `2024-09-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2023-10-05` - `2024-01-03`	3 months	crt.sh
images.buchheits.com Amazon RSA 2048 M02	`2023-10-05` - `2024-11-03`	a year	crt.sh
prism.app-us1.com E1	`2023-09-24` - `2023-12-23`	3 months	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.rlets.com Amazon RSA 2048 M03	`2023-10-31` - `2024-11-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
captureapi.localiq.com R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
buchheitshelp.zendesk.com Cloudflare Inc ECC CA-3	`2023-09-03` - `2024-09-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.reachlocalservices.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.buchheits.com/
Frame ID: 11E0D0F1B46B2215FE245E7778023CF1
Requests: 140 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NS7SVZ4
Frame ID: FE975BC763A0C980C412C5EA01E75672
Requests: 1 HTTP requests in this frame

Frame: https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/storage.html
Frame ID: 8336CE1DDBAF23B841354347EE4ED176
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Frame ID: C76C8B554F25607F52B3C79BEA520EB3
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Frame ID: F949B0DB31A7AB863B478EC94DDC349A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: C554F70538B07FD73FF3AC781812EEB0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: CDBCE3C86A38F887319C3B99FACA737F
Requests: 1 HTTP requests in this frame

Frame: https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/storage.html
Frame ID: B614E7657C9AB2630E206C689886BDB3
Requests: 1 HTTP requests in this frame

Frame: https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/storage.html
Frame ID: 660C75EBEDED833032BA7183466AC2C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Buchheit Family Owned & Operated Since 1934

Page URL History Show full URLs

https://u9912718.ct.sendgrid.net/ls/click?upn=MTrajQGPjZVpezsYe7p6-2Bb4aOdINotdpMEEBQx-2F0Wjc-3D_qx2_BSvGzVec... HTTP 302
https://buchheits.com/ HTTP 308
http://www.buchheits.com/ HTTP 308
https://www.buchheits.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

154
Requests

86 %
HTTPS

39 %
IPv6

46
Domains

59
Subdomains

45
IPs

2
Countries

2998 kB
Transfer

13503 kB
Size

74
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://maps.google.com/?q=2415%20N%206th%20St%20Beatrice,%20Nebraska%2068310
Title: 2415 N 6th St Beatrice, Nebraska 68310

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=700%20N%2012th%20Murray,%20Kentucky%2042071
Title: 700 N 12th Murray, Kentucky 42071

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1340%20W.%20McCord%20St.%20Centralia,%20Illinois%2062801
Title: 1340 W. McCord St. Centralia, Illinois 62801

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1140%20E.%20City%20Rt.%2040%20Greenville,%20Illinois%2062246
Title: 1140 E. City Rt. 40 Greenville, Illinois 62246

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=2801%20Old%20Orchard%20Rd.%20Jackson,%20Missouri%2063755
Title: 2801 Old Orchard Rd. Jackson, Missouri 63755

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1817%20North%20Market%20St.%20Sparta,%20Illinois%2062286
Title: 1817 North Market St. Sparta, Illinois 62286

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1011%20South%20Perryville%20Blvd%20Perryville,%20Missouri%2063775
Title: 1011 South Perryville Blvd Perryville, Missouri 63775

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=2200%20West%20Morton%20Ave.%20Jacksonville,%20Illinois%2062650
Title: 2200 West Morton Ave. Jacksonville, Illinois 62650

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=200%20Riverview%20Plaza%20Dr.%20Herculaneum,%20Missouri%2063048
Title: 200 Riverview Plaza Dr. Herculaneum, Missouri 63048

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=420%20Highway%2049N%20Paragould,%20Arkansas%2072451
Title: 420 Highway 49N Paragould, Arkansas 72451

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=4550%20Gravois%20Rd%20House%20Springs,%20Missouri%2063051
Title: 4550 Gravois Rd House Springs, Missouri 63051

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1817%20E%20Parker%20Rd.%20Jonesboro,%20Arkansas%2072404
Title: 1817 E Parker Rd. Jonesboro, Arkansas 72404

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1966%20Highway%2062%20Pocahontas,%20Arkansas%2072455
Title: 1966 Highway 62 Pocahontas, Arkansas 72455

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1310%20US%2054%20Business%20Fulton,%20Missouri%2065251
Title: 1310 US 54 Business Fulton, Missouri 65251

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=2304%20Missouri%20Blvd%20Jefferson%20City,%20Missouri%2065109
Title: 2304 Missouri Blvd Jefferson City, Missouri 65109

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=3300%20Paris%20Rd.%20Columbia,%20Missouri%2065202
Title: 3300 Paris Rd. Columbia, Missouri 65202

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=3910%20S%20Providence%20Rd.%20Columbia,%20Missouri%2065203
Title: 3910 S Providence Rd. Columbia, Missouri 65203

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=2302%20S%20Baltimore%20St%20Kirksville,%20Missouri%2063501
Title: 2302 S Baltimore St Kirksville, Missouri 63501

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=1100%20S%20Highway%207%20Blue%20Springs,%20Missouri%2064014
Title: 1100 S Highway 7 Blue Springs, Missouri 64014

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=2501%20E%204th%20St%20North%20Platte,%20Nebraska%2069101
Title: 2501 E 4th St North Platte, Nebraska 69101

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u9912718.ct.sendgrid.net/ls/click?upn=MTrajQGPjZVpezsYe7p6-2Bb4aOdINotdpMEEBQx-2F0Wjc-3D_qx2_BSvGzVec9G4kGdtxDAT2BmtnaJuGTx59yqIEtW0o3efum7DbB7HLCQbJTnbVjb7WFvw-2BsFMIBfMpqVItXyEgpSTK-2Ff4bPgskq9HuC7-2FWKDAoJD4hSRsoCHACpIVbKaoaVjMWvJLEzpdKRyxH-2B5k3gsLTq3rpFg9KkgZaSa0v8A77ERdRYce87G2zILCGu2aMoNesDyIVDlCGRPW2f9D41Z0KzhhZqH9hoxYyC-2B-2FbfcY-3D HTTP 302
https://buchheits.com/ HTTP 308
http://www.buchheits.com/ HTTP 308
https://www.buchheits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=4898fb7238&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=4898fb7238&gdpr=0&gdpr_consent=&dcc=t

Request Chain 126

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://sync.1rx.io/usersync/simplifi/0E99DE6DBEA146B0BE5412B771E4627B?zcc=1&cb=1700166759975 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b2ef931f-3e54-47e4-a1ba-d0d0e0cc3523-005

Request Chain 127

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=0E99DE6DBEA146B0BE5412B771E4627B&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=0E99DE6DBEA146B0BE5412B771E4627B&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 128

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 129

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 130

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://d.agkn.com/pixel/10751/?che=1700166760002&ip=206.66.96.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213830604702011689336 HTTP 302
https://um.simpli.fi/aa_px?sk=213830604702011689336 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 131

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B&ripv6=2600:803:a88:1134::134 HTTP 302
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B&ripv6=2600:803:a88:1134::134&ckls=true&ci=NYXgFNKrDQ&nc=false&trid=1522812844

Request Chain 132

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 133

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 134

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=0E99DE6DBEA146B0BE5412B771E4627B;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=0E99DE6DBEA146B0BE5412B771E4627B;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODg5MjUzODE2ODg1MDEzOTgzMA== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMP_ho824gtOn7pH_5Qy4cU&google_cver=1

Request Chain 135

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=0E99DE6DBEA146B0BE5412B771E4627B&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=0E99DE6DBEA146B0BE5412B771E4627B&j=0&xl8blockcheck=1

Request Chain 136

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=0E99DE6DBEA146B0BE5412B771E4627B&verify=true

Request Chain 137

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 138

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 139

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 140

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=0E99DE6DBEA146B0BE5412B771E4627B&dnr=1

Request Chain 141

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=0E99DE6DBEA146B0BE5412B771E4627B HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMEU5OURFNkRCRUExNDZCMEJFNTQxMkI3NzFFNDYyN0IQABoNCOf42aoGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&rand=06318491 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&rand=06318491&expected_cookie=624c03f5-b417-49d0-8777-2635576c24ce

Request Chain 142

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700166759410&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2115567471&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=Z3xWZYyCJsmdoPMPuZKCsAg&sscte=1&crd=&pscrd=IhMIzNGQ3q7JggMVyQ5oCB05iQCG HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=2115567471&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzNGQ3q7JggMVyQ5oCB05iQCG&is_vtc=1&ocp_id=Z3xWZYyCJsmdoPMPuZKCsAg&cid=CAQSKQDICaaNVenmZA6qeF3sKXcG3yWyi5Ddf7K4oj8vsePTbRVj_s-JH6w9&random=1666768148

Request Chain 144

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=0E99DE6DBEA146B0BE5412B771E4627B HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 145

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0E99DE6DBEA146B0BE5412B771E4627B&expires=365

Request Chain 146

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0E99DE6DBEA146B0BE5412B771E4627B

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEMHJQ2aCb1nbYmFX29JPB_g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E99DE6DBEA146B0BE5412B771E4627B HTTP 302
https://um.simpli.fi/g_match?id=

154 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.buchheits.com/
Redirect Chain

https://u9912718.ct.sendgrid.net/ls/click?upn=MTrajQGPjZVpezsYe7p6-2Bb4aOdINotdpMEEBQx-2F0Wjc-3D_qx2_BSvGzVec9G4kGdtxDAT2BmtnaJuGTx59yqIEtW0o3efum7DbB7HLCQbJTnbVjb7WFvw-2BsFMIBfMpqVItXyEgpSTK-2Ff4b...
https://buchheits.com/
http://www.buchheits.com/
https://www.buchheits.com/

11 KB
4 KB

5409ms
5123ms

Document
text/html

35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buchheits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-166-85.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: bd4c1f597b36cc8e08489702ad758aca27eda3b2f607f690f5f8f8825a593ccd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: public, max-age=31536000
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 20:32:35 GMT
ETag: W/"2ae0-18bc9313840"
Last-Modified: Mon, 13 Nov 2023 14:58:48 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Thu, 16 Nov 2023 20:32:30 GMT
Location: https://www.buchheits.com/

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 199ms
38ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.buchheits.com
URL: https://www.buchheits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 464418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBaiK6Nlp7P3vqBsosDQfiXaBO9RtcG0QSopSdgQIjdZJWtcGRX6KeF5TzvM5kFPrI2lMgIbBizWyCRue4Q75f1I5oqftK7S1FBeGst%2BGDeaY3d4C2rtzCL7e%2FbMeV%2FW2erd19wXk3vm9yQnr7QEuiOh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8272810eff410f51-EWR
expires: Tue, 05 Nov 2024 20:32:35 GMT

GET
H2 200 icon
fonts.googleapis.com/ 2 KB
957 B 199ms
47ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone&display=swap

Requested by

Host: www.buchheits.com
URL: https://www.buchheits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a3d473e6550c3986337f6ca961007e1cdba5e714e3b3d1f93e414779dec676a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 20:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 20:32:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 20:32:35 GMT

GET
H2 200 runtime.d549db01725b7563.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 4 KB
2 KB 147ms
40ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e934d60a1d298c6c8d2e03983c128b4075ee6b7ceea0b753f0d75bac0a955d9

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:11:50 GMT
content-encoding: br
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 19267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"30fd83e798d075bb3730d801c83b134e"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: 1DxZ1QLsvjxyu9aK4z3H5lQylKKfp2iTfmvDu6X0QecrKBu2ZQmexg==

GET
H2 200 polyfills.697ab46c3ace96b0.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 39 KB
13 KB 168ms
61ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4046219fcdada2da4fdb0e57b3ecd389fabbb9fbd8a4983a227f27f827ff14c

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:40:16 GMT
content-encoding: gzip
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 85940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"51b38d0ca60cfb0ad731f19cea3e8027"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: FMhDlfod8S_D97e9Mk35faHDrn5pLNpp4e7sA9u0Ko7AJytRGSa_KA==

GET
H2 200 vendor.20e19b525a17347d.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 1 MB
324 KB 149ms
42ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/vendor.20e19b525a17347d.js
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b42c943a04bfcd747db5365d3a2d2644ca0ed445f0dda6cc10a85a2c3bd0caf

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:15:32 GMT
content-encoding: br
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 4653
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"b96dfca7d11b3b3235fe6aae77ba26a6"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: 1qF1S4NgQdaqBpsU2YgpI2uhW0JkhWq1D9GJgqSo5GTmouyIRmt8UQ==

GET
H2 200 main.29d9b46f51e2a2ae.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 1 MB
65 KB 136ms
29ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/main.29d9b46f51e2a2ae.js
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6167fb906310f6a3e0319afe1f5f731d545abe4480523081b324df02a5cdebad

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:15:32 GMT
content-encoding: br
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 4653
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"d78835e206ceee33480cd5476ee8d816"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: P-V4vXYXfyweEt-Y0ibZ8r5zvL0oKUEVeYgppzQEi7-quOgCNw-8Kw==

GET
H2 200 font-face.css
d3sfvumtar0nke.cloudfront.net/scss/ 11 KB
2 KB 188ms
32ms Stylesheet
text/css 13.35.93.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3sfvumtar0nke.cloudfront.net/scss/font-face.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-60.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b6e46bbf5860a92dd51095bd1568072fa36e5bb783377441c024aa4b2573397

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:17:13 GMT
content-encoding: br
via: 1.1 c2439c5d69ec72a2ab666c2eba104244.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 09:34:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 83722
etag: W/"22a8126715861412a0237932abc4f864"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: CKb0q3Gwoejbjxf_NvFpSTd8-c1ausRDFSvIZTCETP3_6wteIUnn2w==

GET
H2 200 styles.1dbba5581dfd98dd.css
d3jf0pgexz92qy.cloudfront.net/js/ 563 KB
27 KB 135ms
30ms Stylesheet
text/css 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/styles.1dbba5581dfd98dd.css
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 356992d24c0aa5454213c817e0afcde5695e2e6a4192cfa1d8f52888b9530d2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:42 GMT
content-encoding: br
via: 1.1 ef24c2f85065aa2c39cf270c915f3398.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 16854
x-amz-server-side-encryption: AES256
etag: W/"3d2718b25ae77d83c4bfc00b2180b58b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 5ohpvDnhLGoHgzXe_b7Wqc6btEjxRxOPJLOVBReShj_gkATAmjDAyA==

GET
H2 200 css
fonts.googleapis.com/ 16 KB
961 B 39ms
39ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Requested by

Host: d3sfvumtar0nke.cloudfront.net
URL: https://d3sfvumtar0nke.cloudfront.net/scss/font-face.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f376559469a9016a28c16d89aa314866e02e5b03f1b6103151c40f0a050efb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3sfvumtar0nke.cloudfront.net/scss/font-face.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 20:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 20:32:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 20:32:35 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 123ms
33ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:05:29 GMT
x-content-type-options: nosniff
age: 563226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 08:05:29 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 130ms
38ms Script
application/javascript 2606:4700::6810:a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: www.buchheits.com
URL: https://www.buchheits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:35 GMT
content-encoding: gzip
via: 1.1 0f954bea3b233fb0b6e1981b1e8b6bd8.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: IAD50-C2
age: 215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 827281107e01c3f8-EWR
x-amz-cf-id: 1qR1IzqVrGPWLY5eiPdQEvhBDMey8kmzunUKxD7GnCc9hF78DVsHJg==

GET
H2 200 565.cb3f50425008d3db.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 175 KB
57 KB 23ms
22ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/565.cb3f50425008d3db.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 034e04fee796c30eed3a33a61ac7481530ef9b5c23b69c7ffa60f857d1d57eff

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:40:16 GMT
content-encoding: gzip
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 85940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"e946491ed82c0363b8feea09a03fff7f"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: ZIHi_pAjNqnkHndGadCN6ZlEKBPDjPa_sPr-eHVv6g_NqYL78Ws3DQ==

GET
H2 200 va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
24 KB 28ms
26ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 17:20:11 GMT
x-content-type-options: nosniff
age: 184345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24868
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 17:20:11 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 24ms
23ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 16:29:06 GMT
x-content-type-options: nosniff
age: 446610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24020
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 16:29:06 GMT

GET
H/1.1 200
OK / Show response
www.buchheits.com/backend/api/v1/allstoreslist/ 27 KB
4 KB 112ms
112ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/allstoreslist/?status=Active&limit=100&offset=0&search=&sorton=id&sorttype=asc

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

20745eebcaafba7d0f4f75e455aac14cbedcbb7fbcc306379ad49dc144e7a1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 23ms
22ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 08:49:12 GMT
x-content-type-options: nosniff
age: 128604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 08:49:12 GMT

GET
H2 200 gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v109/ 152 KB
152 KB 57ms
56ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsoutlined/v109/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 17:22:26 GMT
x-content-type-options: nosniff
age: 184210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155276
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 20:24:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 17:22:26 GMT

GET
H2 200 698.40e9d734d5246e8f.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 166 KB
20 KB 56ms
49ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/698.40e9d734d5246e8f.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fca43184dce0ede875bb35ed3fb180437a6cacc3f5b33d595c82249ff12df0b

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:41:44 GMT
content-encoding: gzip
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 3067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"410bab8459f1a23c46f9d51ee09b8c8b"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: gk4TRMJE5jbik9Z-ZHITqPLMTtcZJBzmAgVt4HEnHHuGNJ7rXGtWPQ==

GET
H2 200 896.3e8c71986ed4af59.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 15 KB
5 KB 63ms
57ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/896.3e8c71986ed4af59.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0378ea299d7b50f0c1f5b2549faab7ea7f6097819d7b5744d8896a58e50cc61e

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:41:09 GMT
content-encoding: gzip
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 85888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"795cb9faa65b3f6b4598fdb3650002ee"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: TOI3FhnXQ6Z8Wuf4SXKbk6sjEt-NB-yf0RarOofxO6ILPUik7s85sw==

GET
H2 200 745.159462d2b7db25ea.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 50 KB
13 KB 61ms
56ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/745.159462d2b7db25ea.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 456e4f00399edc1b13996773a01a3f7f3f36d2f429c2fe47d17037d75d1b677d

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:36:31 GMT
content-encoding: br
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 46567
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 30 Oct 2023 14:51:39 GMT
server: AmazonS3
etag: W/"39685d3ad1ad305520ba6b5a9923ea49"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: aeeC5dzdEYn9GrxX8Saqafe0vmYrS_LNaEn-7SXcG3AqOCk9uodM8w==

GET
H2 200 555.fa5c5ec038844f49.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 21 KB
6 KB 68ms
64ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/555.fa5c5ec038844f49.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f01639714e8deb23e0c8c5689b9ea24818726429e106fcd75842a2110757ae62

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:41:09 GMT
content-encoding: gzip
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 85888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"b4edcf8e75f71fddc718caa2ad0d788d"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: MbbSafRFTCvZmB0VuU3-v8ZbbDYEc2598BXR4-M5gLGyOBuIaXgLcw==

GET
H2 200 934.7864cfd6ab5191e3.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 170 KB
34 KB 70ms
65ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/934.7864cfd6ab5191e3.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93149792ed48b1f357afbfa1dae022cade5f62e5a16e86b95e8625385286ab8e

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:30:40 GMT
content-encoding: br
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 39717
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 30 Oct 2023 14:51:39 GMT
server: AmazonS3
etag: W/"4ace8bc04b015f26be1a78ea478193f7"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: TlnjhaYn5yupVmdhZrcezpKztTSE4ysznAel2Gu0c-Lh_uNqbGe7rg==

GET
H2 200 922.6efcd59d124017d7.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 66 KB
14 KB 81ms
77ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/922.6efcd59d124017d7.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f87a8948da0cfc54b6e3598f6a1a8a5409fb56359603f50c300b257cdc02724b

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:42:43 GMT
content-encoding: gzip
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 6618
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"87487fb7ceacc219e15656b18936223f"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: TjNpkOb8T8dBJHEowzKyufiZmde-XHfnshn0kLJseiNfrqqhppk4Ew==

GET
H2 200 194.0afa7456c8da8e62.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 4 MB
80 KB 83ms
80ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/194.0afa7456c8da8e62.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2062349e2099f2d2e412cae1afef4b9d0759d1feebe0aa4fd5ae0c4d4ee9c7f3

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:41:18 GMT
content-encoding: br
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 32310
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"3a88a88b404e297f8730f74ca4dbbc59"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: OGooYOCDNQbEuqYeMEtqzw-ETc60RkgjeYhxlKcy9Bt9IGAmwlYWOA==

GET
H2 200 538.b3eeb0fef98d4763.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 623 B
1 KB 82ms
79ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/538.b3eeb0fef98d4763.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 143201484c907f3f8e9e8312c7f0852921b2beb05cbc75b75c57cdb9053e6f3b

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:57:58 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 20389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 623
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: "4b96fe148327465677b42e30dc61e9f7"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: U0blvg4auMLc_uaSGkc2jaCQEOZAIGcow_UDY8cDz9YAldGwRNqNgQ==

GET
H2 200 logo.png
images.buchheits.com/assets/images/fit-in/296x60/filters:blur(50)/ 4 KB
4 KB 217ms
58ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/assets/images/fit-in/296x60/filters:blur(50)/logo.png
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: ea9fa505a1a0a2c1be20d4bdf96bf6f1d8ed5826a3dbe468cd5e531ed3df9635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:15:55 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 7445801
x-amzn-requestid: 5f636b85-4ff6-46ba-9dcf-60cbe4d02222
x-cache: Hit from cloudfront
x-amz-apigw-id: KEfRPFfNoAMEkxw=
content-length: 3780
last-modified: Mon, 24 Jan 2022 12:15:36 GMT
x-amzn-trace-id: Root=1-64e4df3a-0b011be153cd6ecb383e09e3;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 9nge2xMkjgn1gOt7GZ7DjVGmzG07mnzyX_6NtjEaNTpRJTpJPtYV2A==
expires: Wed, 25 Jan 2023 07:28:00 GMT

GET
H2 200 logo.png
images.buchheits.com/assets/images//fit-in/296x60/ 13 KB
13 KB 161ms
62ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/assets/images//fit-in/296x60/logo.png
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: d906500713710474e4e95a4be76fb1c69d72b2d4e6b2554021f4fb953c2f57f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 10:29:18 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 19994598
x-amzn-requestid: 17866d85-e312-47f5-9591-bcd7b8c156f4
x-cache: Hit from cloudfront
x-amz-apigw-id: ClyjzHT5IAMF7LA=
content-length: 12808
last-modified: Mon, 24 Jan 2022 12:15:36 GMT
x-amzn-trace-id: Root=1-6425647e-22b92c277ba017344e42ccb6;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: O1Oe75_-lLgVDbpnv8FxPabaFU29Ic49M3YQqGTM5DA35kObIBhW-g==
expires: Wed, 25 Jan 2023 07:28:00 GMT

GET
H2 200 946.d1fff77985536ae4.js Show response
d3jf0pgexz92qy.cloudfront.net/js/ 11 KB
4 KB 25ms
22ms Script
application/javascript 108.139.29.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jf0pgexz92qy.cloudfront.net/js/946.d1fff77985536ae4.js
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/runtime.d549db01725b7563.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adfab6baf3784941a1be11dec5aa922427b9884373418ec8c1e329ed2615b1ca

Request headers

Referer: https://www.buchheits.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:46:51 GMT
content-encoding: br
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 60428
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 15:04:10 GMT
server: AmazonS3
etag: W/"48e29eab07da16754fffede8b939aa37"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-id: uo9zTC_XW5486XGiBfwa9w73K926Wv9UNcfoTEQoXcwRgu39XgrdJA==

GET
H2 200 BA_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 105ms
56ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/BA_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 5416dc2d21aa121a4087af6fc1b04056e98a728475b04ee62c7cc1b14fd77bc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:41:18 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657878
x-amzn-requestid: 2bb38cd5-702d-4e35-bbac-e6dd352e6371
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMaPE_BIAMFvmA=
content-length: 8662
last-modified: Thu, 02 Feb 2023 21:40:26 GMT
x-amzn-trace-id: Root=1-63fcc10e-635137bf3d841d56376acad4;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: ZDJd581i4Fh7m_ittPPH5HzBtNMWS04-PWcuMhF1yletJ0Ni5r9d4Q==

GET
H2 200 MU_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 110ms
61ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/MU_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 845bd76053dd43febd7780836b13a471048a4d16ba76ab7c7e928e9ff7edf139

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:41:18 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657878
x-amzn-requestid: ba39f1cd-039c-4a6d-b190-595270c9a0e5
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMaPHcJIAMFbmA=
content-length: 8678
last-modified: Thu, 02 Feb 2023 21:40:42 GMT
x-amzn-trace-id: Root=1-63fcc10e-0df81778420132e608f64e1a;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: VITEEWgGiETjjjJt1oCFiHQSQBa8F68OlIgOplDT1fun1yKWp2QQUQ==

GET
H2 200 CN_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 108ms
59ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/CN_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: ab3c5c698f81e360c292b2a074bbe541b3e72f3d77bd1ab11c31791c6288991a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:12:39 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 6326397
x-amzn-requestid: f2cb4df4-ed13-4875-9d86-92aa90992ed9
x-cache: Hit from cloudfront
x-amz-apigw-id: KvMMKFpuIAMEcAA=
content-length: 2036
last-modified: Thu, 23 Dec 2021 16:43:27 GMT
x-amzn-trace-id: Root=1-64f5f3e7-7dc622e113b7df1021eea718;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: QUeaWJOmyLvJDRiQ1MtQs7dBWCBY6cnymrsqw5fA1G4KrXCCf7SJ4g==

GET
H2 200 GV_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 111ms
62ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/GV_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 4ef566d278929c1e4c702a584e73133f44bb7d4651cd99ae0f96a395def64cfc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:12:39 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 6326397
x-amzn-requestid: 6b1a88b6-5b92-4070-ba0a-569135923173
x-cache: Hit from cloudfront
x-amz-apigw-id: KvMMLH-PoAMEGQw=
content-length: 1808
last-modified: Thu, 23 Dec 2021 16:41:56 GMT
x-amzn-trace-id: Root=1-64f5f3e7-312dd8b34695f765017dc0ed;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Cel4swds0qeSO-vgkPwZvthoGHZSlmOKhN0N60T2zq2wsTeikpwg-Q==

GET
H2 200 JK_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 38ms
35ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/JK_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 2b4b56af49c0d856f4caf84584f94b200317afc42241d1ea292bb18383fb1e1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:12:39 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 6326397
x-amzn-requestid: ee721658-b125-4450-8ef6-27c82d74cf3d
x-cache: Hit from cloudfront
x-amz-apigw-id: KvMMLEHdIAMEEoA=
content-length: 1702
last-modified: Thu, 23 Dec 2021 16:43:16 GMT
x-amzn-trace-id: Root=1-64f5f3e7-59bf5af82f111a964e702246;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: G0H-D95ds-_ZkUE9SEp6kmJ-8jbO8P4L9nmkSHiCrgtweYANwn8qmg==

GET
H2 200 SP_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 39ms
36ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/SP_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: d6fd645608e355a0ccbc9c430628598d16aed68df1904a57c2a80bf52c4e18ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 06:16:46 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 6704150
x-amzn-requestid: 3e2c5fd2-429a-4c80-8097-8ce3a8196d97
x-cache: Hit from cloudfront
x-amz-apigw-id: Kgx8THEZIAMEeoQ=
content-length: 1612
last-modified: Thu, 23 Dec 2021 16:43:47 GMT
x-amzn-trace-id: Root=1-64f0304e-0186db915f8a83677eb3bdf4;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: JyTuqJIYfiGqcH6RHYetNpEnmbcNkfOCYWgtUCeddlcesYOJxio75w==

GET
H2 200 PV_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 35ms
31ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/PV_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 7e850809f77b87ffe103e1a3a64c2fcc5f0b9c842af812dd95f9525c300bb2ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:32:24 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 6951612
x-amzn-requestid: 4cabeb3d-fa5e-4d45-a743-ec6d91ff4048
x-cache: Hit from cloudfront
x-amz-apigw-id: KXVyOFmwoAMETNA=
content-length: 1566
last-modified: Thu, 23 Dec 2021 16:43:37 GMT
x-amzn-trace-id: Root=1-64ec69a7-04414ecd7b036e5808b66f4e;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: WmvUv0HG1zH5EwEmBsPn56mbn6IRp3kU3I-P7pTspbsWdm3ag0jpOA==

GET
H2 200 JV_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 40ms
37ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/JV_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 3d46b0e9dc1513cd1659e55924eb6f1fa99c9dacaf828cd331c2af343e22a0a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 06:16:46 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 6704150
x-amzn-requestid: 547b5397-6b10-40ff-b214-44b52f4b48c6
x-cache: Hit from cloudfront
x-amz-apigw-id: Kgx8TH64IAMEgCw=
content-length: 1620
last-modified: Thu, 23 Dec 2021 16:41:29 GMT
x-amzn-trace-id: Root=1-64f0304e-11600678397ef7b1626eb601;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: MYK4hXCnaxWZRbTrzgsE6oG6ENh4Mjvy8TKMhTkBTieFHDxERS0f8g==

GET
H2 200 HK_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 41ms
38ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/HK_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 10439259c9022ba72ad7c68f4af7ba597a1b233b7efc2564cf1a6ea5af34570e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:12:39 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 6326397
x-amzn-requestid: 6d6e0a12-8b5c-4756-94b7-eb49f29f4242
x-cache: Hit from cloudfront
x-amz-apigw-id: KvMMLGq_oAMEeWA=
content-length: 1976
last-modified: Thu, 23 Dec 2021 16:41:38 GMT
x-amzn-trace-id: Root=1-64f5f3e7-7d03ff095bc07abe13e59985;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: n7xhBCynuBUc7oGJs0eZm3ZuAeK7nILnz7kCzDI2rjybTqHiGDaWNQ==

GET
H2 200 PA_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 45ms
42ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/PA_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: cc8da595fd7fb7094a7e6c114ae04cba17c4a10762dc907db57fb37eb4587333

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:42:53 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657783
x-amzn-requestid: 0ee2e120-ae98-4519-b5ec-523f021c9bc5
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMpIHZXIAMFnpA=
content-length: 8620
last-modified: Thu, 02 Feb 2023 21:41:42 GMT
x-amzn-trace-id: Root=1-63fcc16d-139b5e1c0f480f362187ddf2;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: brf5nt41TO-s9sTRi2FSV6ED4MmGzBp7Wv-BMjREgQCVlAVrVCkBqQ==

GET
H2 200 HS_Navigation200x.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 2 KB
2 KB 44ms
41ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/HS_Navigation200x.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: e2aab0528c48948f6db55c11c9e4889f3c92b76f403ccebed4a19aa4c4a3113d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:15:55 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 7445801
x-amzn-requestid: e557a803-556c-4f87-a75a-e6b5211478fb
x-cache: Hit from cloudfront
x-amz-apigw-id: KEfRRExXoAMEWFQ=
content-length: 1756
last-modified: Thu, 23 Dec 2021 16:42:59 GMT
x-amzn-trace-id: Root=1-64e4df3b-7e3de03461e23e6702bf929a;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: e2t1CNDyudQhj6WiJw2yyvj0I9PrMAUPTfFgcx7z-QUxJW-T7713KA==

GET
H2 200 JB_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 47ms
44ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/JB_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 6df9f87a455453bf20b7ad6aaef851ff5c80bdafa76368d30564868b014345bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:42:54 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657782
x-amzn-requestid: 211d970b-bc0d-4a33-b953-091fed8c88d9
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMpIHFsoAMF1aw=
content-length: 8522
last-modified: Thu, 02 Feb 2023 21:42:17 GMT
x-amzn-trace-id: Root=1-63fcc16d-7b65d4904e297e704c0364df;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: dr63HM28s56lpkptOvmeX5PJgy3dYZ_UclKusCHQRSKdEr-3BZ4yRA==

GET
H2 200 PC_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 35ms
33ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/PC_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: aac67a456b2862d6f2e89138455d0ec8954af0cb7d5aa9fd54e17466fb0d3afa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:41:18 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657878
x-amzn-requestid: 0feced9b-9fc1-4893-b82e-d73edd35cf73
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMaPF4soAMEIUQ=
content-length: 8702
last-modified: Thu, 02 Feb 2023 21:41:09 GMT
x-amzn-trace-id: Root=1-63fcc10e-4cdcbcc955deebc837f6267f;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: xr3k2zi5Np9-ftgIsMOcdsvzfTEQO_8SYYwl_ADKtelX2mLJe0ziRA==

GET
H2 200 FN_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 47ms
45ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/FN_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 155580c43cb333a23ca4526b9751c0d00332f02f1b7c48cc652cebba39a1455a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:42:54 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657782
x-amzn-requestid: 639e6f6a-ae1c-4f8a-a151-9f6980c89837
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMpJE_LIAMFbYA=
content-length: 8578
last-modified: Thu, 02 Feb 2023 21:43:12 GMT
x-amzn-trace-id: Root=1-63fcc16d-7ed8b6f124e9deea34a3c490;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 6wXWblSMTEI6dzDVG1WFqDmL3UHpdewdfXkr2Yeqd9AGfTJSGlfb2Q==

GET
H2 200 JC_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 9 KB
9 KB 52ms
50ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/JC_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 961f8106bb71ff4c79536df67f3fd9c77d6af7ac55ec98fa63ce02940c3a7758

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:43:55 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657721
x-amzn-requestid: d40fc298-c03f-4e7d-85bc-8dce43897ab8
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMyyH3woAMF-Ug=
content-length: 8728
last-modified: Thu, 02 Feb 2023 21:44:19 GMT
x-amzn-trace-id: Root=1-63fcc1ab-09ab390237913c47385e60aa;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 7ssuyS8HO53HjAbDmGKUkbmLMNfaWFXjy2bGtk9SUsM9ws6C3D_7JQ==

GET
H2 200 CN_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 49ms
47ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/CN_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: db929965af268f78ecec6aa9deab3fd3599b08055962c05dfed0a30be88437a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:42:54 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657782
x-amzn-requestid: 27dbc3fb-43eb-4ab2-ab02-c81a3b9ad2ed
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMpJE2NoAMFVug=
content-length: 8554
last-modified: Thu, 02 Feb 2023 21:42:39 GMT
x-amzn-trace-id: Root=1-63fcc16d-2edcc5bf6fde811c5b7ad1e3;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: YXxQw1RJENQADcWrpkXXEyMyhn2rP_ab7VCobE9Vf1qGSHy58b2nvw==

GET
H2 200 CS_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 36ms
34ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/CS_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 607c7b875ac586942e23290a4c13920c586b6d46145c8c3fb8345576d32416d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:42:53 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657783
x-amzn-requestid: e24ad8bf-548c-486a-ade3-8f4ee0c84f43
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMpIFv-IAMF_6g=
content-length: 8684
last-modified: Thu, 02 Feb 2023 21:42:55 GMT
x-amzn-trace-id: Root=1-63fcc16d-199318bf003ea90d47ae14b6;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: gDC4u8hUb62UyKzzBwo3C1vz4oI-ThrEE1q-y0uwG2MCbgOvOriTPg==

GET
H2 200 KV_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 55ms
53ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/KV_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 47cc5c0378961f12a33565652ee66ada224e24a4cdb45a8d9e5dff5be409f286

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:42:54 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657782
x-amzn-requestid: c7456011-215e-4837-b96a-f327f120f452
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMpIGbYIAMFTWA=
content-length: 8442
last-modified: Thu, 02 Feb 2023 21:43:39 GMT
x-amzn-trace-id: Root=1-63fcc16d-154956f6255c892f7981d0cb;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: BVRISepJtlY-TbbqleWxRlDmV47_uFL2ZmkEvFPaukgZCCUpGuT1lA==

GET
H2 200 BC_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 9 KB
9 KB 53ms
51ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/BC_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 198646b20f49dfdd2b75862c280fdd8ba4a2df54405cfa62e04abc6e0729b9a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:33:51 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 1400325
x-amzn-requestid: 255ecbf3-476f-4a36-bd0f-87f321e4db90
x-cache: Hit from cloudfront
x-amz-apigw-id: NrGuzGCoIAMEvew=
content-length: 8772
last-modified: Thu, 02 Feb 2023 21:44:03 GMT
x-amzn-trace-id: Root=1-65411e5e-159424532f8e70ee41b94296;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: ziS9d2D28fcqNPoyLI8xXdu4VwTsHIYVjuRC94G7-J9COB6uLmf-wA==

GET
H2 200 NP_mockup.jpg
images.buchheits.com/party/fit-in/500x300/filters:blur(50)/ 8 KB
9 KB 54ms
52ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/party/fit-in/500x300/filters:blur(50)/NP_mockup.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 958dda3ab020a409af73966d4ece5321b643cb4e9be5b9e98c1e6b83b800a44a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 14:41:18 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 22657878
x-amzn-requestid: e2b1fb7d-5b18-4022-8c70-4070de1a9db8
x-cache: Hit from cloudfront
x-amz-apigw-id: BAMaPFy4IAMFmZA=
content-length: 8544
last-modified: Thu, 02 Feb 2023 21:40:06 GMT
x-amzn-trace-id: Root=1-63fcc10e-08fca26e64ebda987b0929e3;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 0T6sOExIWK6bBensA1PQ1aCzTdWClnrpprN4fhepfWlbQz-YFFqxQA==

GET
H3 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
24 KB 27ms
27ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 16:57:18 GMT
x-content-type-options: nosniff
age: 444918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 16:57:18 GMT

GET
H/1.1 200
OK / Show response
www.buchheits.com/backend/api/v1/navitem/ 15 KB
6 KB 116ms
115ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/navitem/?businessunitid=1&is_default=true&storeid=31

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

19ee12cdc79070167e749324b053daa7f0023c26b681300bd7e61b9f02888715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 1 Show response
www.buchheits.com/backend/api/v1/globalsettingscript/ 847 B
1 KB 220ms
97ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/globalsettingscript/1

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

34cf9a1d63ec5cacd34116ac3f1bc17f912b22ef812d374fce70933963ebf2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
489 B 746ms
490ms Script
application/javascript 2606:4700::6810:b0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=27843790&u=https%3A%2F%2Fwww.buchheits.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.22

Resource Hash

1b063ff2f4ceae3c5c33e5e1511fce3f7a534ecc9148e0760f52861a815741b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.22
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 70
cf-ray: 8272811508f243bf-EWR

GET
H/1.1 200
OK / Show response
www.buchheits.com/backend/api/v1/seoendpoint/ 37 B
644 B 127ms
87ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/seoendpoint/?taxonomy_slug=&storeid=31

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

5b4d705456df7e6f8aec0bbb5b2730c703c0ed6fef6ff751150ae9cfbb88b324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: DENY
Vary: Accept, origin
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 37
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS

GET
H/1.1 200
OK / Show response
www.buchheits.com/backend/api/v1/seoendpoint/ 815 B
1 KB 591ms
555ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/seoendpoint/?cms_slug=home

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

d059636a4df1036843995059562fdc9fdf22994558558d622ff9562dd3a48c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK home Show response
www.buchheits.com/backend/api/v1/cmspagewithelements/ 72 KB
7 KB 588ms
484ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/cmspagewithelements/home?businessunitid=1&offset=0&limit=3

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

00b8e531c710cbe93fd239e6cc1b239f8ab15e079c066617e33fc1ef90680c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 559ms
48ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=105aecac-cf24-4b74-99bb-e716af0b3618

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/main.29d9b46f51e2a2ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: FTYNTS01B1NNJQ9B
age: 47
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: IA0NOZvJYvpxjddgRFYLZF9o4+hRUWexyVyqGyCyCv6H03eMrTRult98iOlUsaXUwNwi4A9GuNw=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FQXa9xVWFOQBAe89e8giHxCIH0xvIt2dLD5LjotLHj4X%2BEhJbxOl6RtWSJ2LxKadppb07eqlepcni3ep%2FVbB32cbkMon90esi99xchBhmaTAziHhy7jqfTdb4eZ1bhYFooG3rM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 82728117fcb28c99-EWR

GET
H2 200 e1c4affb1c160a62b10521d.js Show response
cdn.rlets.com/capture_configs/60e/84f/d17/ 241 KB
48 KB 600ms
89ms Script
text/javascript 2600:9000:215f:2000:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rlets.com/capture_configs/60e/84f/d17/e1c4affb1c160a62b10521d.js

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/main.29d9b46f51e2a2ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:215f:2000:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

38a27d76ce1d3354802ff8c66dadcbd8f2c28df77eca02d3f5079374a4704ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 14:58:00 GMT
via: 1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: YUL62-C2
age: 20077
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3d0642444ee6fa9d39fc3fb651a5a905
x-runtime: 0.078126
referrer-policy: strict-origin-when-cross-origin
etag: W/"38a27d76ce1d3354802ff8c66dadcbd8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control
x-amz-cf-id: 1Vvb84Dft0QZcCCGgHQvbBE_A_BgP6y0tPXgUURsrZfFxHlUmgzNdw==

GET
H/1.1 200
OK / Show response
www.buchheits.com/getExistSitemap/ 21 KB
3 KB 169ms
169ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buchheits.com/getExistSitemap/?file_name=cms_sitemap.xml
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-166-85.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: f676c2cb2745cdf98a30870a61fa96e776219da4507231ce091cdd759d53307c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:37 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"5432-BWUpdWYNq7QA2BmlZzQzVymt5TM"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 178ms
58ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/main.29d9b46f51e2a2ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

693e44fb518867acf95fb6f919a136f68a71e9602d6dc5e524a3a9c0f728022b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 16 Nov 2023 20:32:37 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame FE97 270 B
411 B 202ms
71ms Document
text/html 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-NS7SVZ4

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/main.29d9b46f51e2a2ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

746321081f72a20cbaf241e8956b2a6ff1d5e11e0ba11fb572dab1db6c7e5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.buchheits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 20:32:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
73 KB 205ms
72ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NS7SVZ4

Requested by

Host: www.buchheits.com
URL: https://www.buchheits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b19505df58e7d372ef67f48cc299f1b4dac026f379f77652a6777fd1a681d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74972
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 20:32:37 GMT

GET
H/1.1 200
OK home Show response
www.buchheits.com/backend/api/v1/cmspagewithelements/ 49 KB
6 KB 139ms
139ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/cmspagewithelements/home?businessunitid=1&offset=3&limit=2

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

ece73b759d5a17afa5f93eda5066bb082a9a355d12d6cc6e826e380f273719e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 Thanksgiving-2023_Rotator1920x620.jpg
images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/ 10 KB
10 KB 32ms
29ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/Thanksgiving-2023_Rotator1920x620.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 2ea802e6d0ff6a7925241abe576b501631af0ec627b00de17270eb5c998ecb0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:24:13 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158904
x-amzn-requestid: 85683cad-a831-4c66-94e4-2c72cc485c62
x-cache: Hit from cloudfront
x-amz-apigw-id: Oadi8EgjoAMEMUQ=
content-length: 10160
last-modified: Mon, 30 Oct 2023 18:27:30 GMT
x-amzn-trace-id: Root=1-65540fac-1d00e9913209f04b488cbb19;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: I8DTofbO3Q6s-hPBs3Yj8bbB6BqdYFZJky1BB5CvvjNmPHaE09LKng==

GET
H2 200 2315_Black-Friday_Rotator2.jpg
images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/ 11 KB
11 KB 42ms
39ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/2315_Black-Friday_Rotator2.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: af8c3ccb23d5f2e87479d32ed7cb51de57a076f03ab4fce7fbaed054b85cc29d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:24:13 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158904
x-amzn-requestid: 7b7eeb69-97a9-4e79-9aa0-4d840fbda4a3
x-cache: Hit from cloudfront
x-amz-apigw-id: Oadi8GEXIAMEsLA=
content-length: 10946
last-modified: Thu, 02 Nov 2023 12:32:03 GMT
x-amzn-trace-id: Root=1-65540fac-5499f3800c56e999208918bb;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Zounp1XHQ6l3YG8pH6BX6mwxxJcH2cSt1KHY2mFKs-DxtUkMBfLchA==

GET
H2 200 2315_Black-Friday-Countdown_Rotator.jpg
images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/ 10 KB
11 KB 42ms
40ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/2315_Black-Friday-Countdown_Rotator.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 04dd182fe3e9e402e892c74d4b3d21d2e76702a947064163d03f149c8a9969ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:24:13 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158904
x-amzn-requestid: 50d93fa5-2f9c-41b4-98ee-f94784917f78
x-cache: Hit from cloudfront
x-amz-apigw-id: Oadi8GAaIAMErmQ=
content-length: 10610
last-modified: Fri, 10 Nov 2023 15:42:37 GMT
x-amzn-trace-id: Root=1-65540fac-67b45e2c28eae64b724600ec;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: y5w-SeKYBAjo-I01Uu0-mM1hFdPXoBPhT1P_wI5ccAjxmiXFxHlG8w==

GET
H2 200 2315_Black-Friday-Countdown_Rotator.jpg
images.buchheits.com/cms//fit-in/1400x800/ 75 KB
75 KB 43ms
42ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/1400x800/2315_Black-Friday-Countdown_Rotator.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 55130e3abd36f6253f31c40a61688d01b8afe23cc968f6478d1f6b983e1b8ca0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:24:13 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158904
x-amzn-requestid: 356cf435-0b89-468e-8bcd-67ee32116cbd
x-cache: Hit from cloudfront
x-amz-apigw-id: OadjAHlNIAMET0A=
content-length: 76402
last-modified: Fri, 10 Nov 2023 15:42:37 GMT
x-amzn-trace-id: Root=1-65540fac-34aade7e6a3b489978932578;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: N_6mfFomQ_5061iqWfc0xNvr5U_khpVg75nlCSI02DOyJojUz8gB0g==

GET
H2 200 Thanksgiving-2023_Rotator1920x620.jpg
images.buchheits.com/cms//fit-in/1400x800/ 72 KB
73 KB 35ms
34ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/1400x800/Thanksgiving-2023_Rotator1920x620.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 4074fc1b40212c8c9f7d54070825ec95c04321e30c90c1c1bb9a49e777042634

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:24:18 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158899
x-amzn-requestid: 5a79d5a3-42db-4696-81bf-5fb5552cc9ff
x-cache: Hit from cloudfront
x-amz-apigw-id: OadjwEJwoAMEsLg=
content-length: 73762
last-modified: Mon, 30 Oct 2023 18:27:30 GMT
x-amzn-trace-id: Root=1-65540fb1-162c58be64e073c64f46530b;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Kwe9bKmFg10fuoQo2Kxi3MJU9A-UpwnpHbK1bnN7mCca3reRDybmqQ==

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 195ms
71ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=27843790&prismid=d4a1b7a9-5e3f-479e-a6e7-d603c6fea91d&url=https%3A%2F%2Fwww.buchheits.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.24
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 12
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 827281197a3132d2-PHL
content-length: 0

GET
H2 200 105aecac-cf24-4b74-99bb-e716af0b3618 Show response
ekr.zdassets.com/compose/ 761 B
1 KB 250ms
125ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/105aecac-cf24-4b74-99bb-e716af0b3618

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2ce52fa61abf9c5341782955dd35c3712cde92ffb410234d888dfb2def3276

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 82545250caa24678-SEA, 82545250caa24678-SEA
x-runtime: 0.010412
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fb2ce52fa61abf9c5341782955dd35c3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzkyPrpu6espjJ9nPNTQ9QsanSn1x%2F0zR3lVIDyD%2FX6%2B7Sq8w6Z5dKBbWdormTxsqWOlPAgKeyzol6Sz8bldBCU%2FaibFHMva17Z%2FygMzgVXpZQkyM09D%2FLn9wCi6dV6wto0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8272811989b38c5f-EWR

GET
H2 200 105aecac-cf24-4b74-99bb-e716af0b3618 Show response
ekr.zdassets.com/compose/ 761 B
714 B 288ms
164ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/105aecac-cf24-4b74-99bb-e716af0b3618

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2ce52fa61abf9c5341782955dd35c3712cde92ffb410234d888dfb2def3276

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 82545250caa24678-SEA, 82545250caa24678-SEA
x-runtime: 0.010412
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fb2ce52fa61abf9c5341782955dd35c3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgCWTbl3zLVs3jmyvARgncB9KU%2FXu2lOrimoTp%2FTGvSeZohI9GfOd7iB%2BasxCbYgYY9UXmVOCrjfsHigr3NnIwkY3b9Hw9N61%2FF%2BEeIZi6mqhlAZnMSF5uey995zzcalhPQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8272811989b28c5f-EWR

GET
H2 200 storage.html Show response
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/ Frame 8336 2 KB
2 KB 599ms
181ms Document
text/html 34.83.202.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/storage.html

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/60e/84f/d17/e1c4affb1c160a62b10521d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.83.202.81 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.202.83.34.bc.googleusercontent.com

Software

Resource Hash

00455c2236cdd12509e5535b218c31ac9cf66fa454a69b246f4025b43d8aaa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.buchheits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 2024
content-type: text/html
date: Thu, 16 Nov 2023 20:32:37 GMT
last-modified: Thu, 09 Nov 2023 18:54:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H/1.1 200
OK / Show response
www.buchheits.com/createxmlsitemap/ 198 B
733 B 209ms
208ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buchheits.com/createxmlsitemap/
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-166-85.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: af11eebba712f2f3bc290120c51127ce711617cb27dd995a1c85e4248628d04b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 16 Nov 2023 20:32:37 GMT
X-Powered-By: Express
ETag: W/"c6-C91JEaharCe2xTFwtA0zNvQolhQ"
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 198

GET
H/1.1 200
OK home Show response
www.buchheits.com/backend/api/v1/cmspagewithelements/ 48 KB
6 KB 125ms
124ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/cmspagewithelements/home?businessunitid=1&offset=5&limit=2

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

b9255bf8c6ce79e78883fb5d1714da3181f754ccb5f84f3b3d189cd42aa5ccd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f279c958/www-widgetapi.vflset/ 215 KB
67 KB 41ms
40ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f279c958/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1351b581c67163a45cbacaa5751164ff2012ed478a4775ad2811bd294261b655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:26:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68288
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 02:44:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Nov 2024 20:26:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
94 KB 66ms
65ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-95VDWB575G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS7SVZ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31bee4d1ffe96bc5f7e74d72eb309bd87c95f5ed948b2ec1100115590e671749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 20:32:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 156ms
43ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS7SVZ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 19:49:09 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2608
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 21:49:09 GMT

GET
H/1.1 200
OK home Show response
www.buchheits.com/backend/api/v1/cmspagewithelements/ 25 KB
5 KB 121ms
121ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/cmspagewithelements/home?businessunitid=1&offset=7&limit=2

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

2d681f30235c807de01f15656c0faf7fb49d609d97d3d3ff0d47bc1ee3a2120c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 web-widget-main-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame C76C 923 KB
265 KB 47ms
47ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=105aecac-cf24-4b74-99bb-e716af0b3618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
x-amz-version-id: 4cbhc1.6rLf_h9ym68WJ6KIAscXI23.M
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG7YA8N871VD5J1
age: 679903
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZySt8kL6ROzjbORLYN+I+W/w/yJpdfSQoR8pczX7IS0KJ4757YvEDq2mRj/feQlz/RRnW6+iyR4=
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"d21ab80a38e205ddac2cf2e5ff41ab5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOtCZi2E73acnY43KXMOiybWEjy0frH%2B5su0pFdJuR5bU08dcS2Jpm9mZSChRocwGCYsOZND10uLIhjZV9BOmeG3SxB2A2DvjOd91ppANFDTMPg0sv7TzLBdxht7%2BYQA7NRc5FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8272811ab8138c99-EWR
expires: Tue, 05 Nov 2024 00:48:59 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 38ms
37ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-95VDWB575G&gtm=45je3b81v892927749z8892911288&_p=1700166757117&gcd=11l1l1l1l1&dma=0&cid=897431294.1700166758&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700166757&sct=1&seg=0&dl=https%3A%2F%2Fwww.buchheits.com%2F&dt=Welcome%20to%20Buchheit%20Family%20Owned%20%26%20Operated%20Since%201934&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=8460
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-95VDWB575G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buchheits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame F949 923 KB
265 KB 70ms
69ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=105aecac-cf24-4b74-99bb-e716af0b3618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
x-amz-version-id: 4cbhc1.6rLf_h9ym68WJ6KIAscXI23.M
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG7YA8N871VD5J1
age: 679903
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZySt8kL6ROzjbORLYN+I+W/w/yJpdfSQoR8pczX7IS0KJ4757YvEDq2mRj/feQlz/RRnW6+iyR4=
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"d21ab80a38e205ddac2cf2e5ff41ab5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErxP6%2F7deKjgeDgjqNDUTN6kwTqTaxbYgqSTYndj3fiIKiqixctni7%2FTUhrMAGRYCJjGAips9o%2BsFQsu66SSHIF6AG3D0UJhJ5b%2Fu%2BmQ06275lU%2BaaKo8rRDsJkhf5kC3qG0z58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8272811b990d8c99-EWR
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H3 200 css
fonts.googleapis.com/ 14 KB
850 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9686aeea0055ab0c2b1f0eba66dec9b6dd487b4ec34b0fc9106edc7cd3a52cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 20:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 20:23:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 20:32:37 GMT

GET
H3 200 css2
fonts.googleapis.com/ 13 KB
722 B 70ms
68ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1b04b0ae81e50dd67dbb5b90951d79f665129f46fda8615cc4f6e9bdb0b522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 20:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 18:42:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 20:32:37 GMT

GET
H3 200 css2
fonts.googleapis.com/ 12 KB
715 B 42ms
40ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bitter:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd58a546b0a576005079ffe5131f14ed0f2441e1aea6cceeb90fea02cc4e209e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 20:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 20:32:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 20:32:37 GMT

GET
H3 200 css2
fonts.googleapis.com/ 1 KB
458 B 51ms
50ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Allura&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32e35703bd2e2dd7540a2beedb8ea0c189281bb4d2df807019b9d4172075b1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 20:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 20:23:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 20:32:37 GMT

GET
H/1.1 200
OK home Show response
www.buchheits.com/backend/api/v1/cmspagewithelements/ 55 KB
7 KB 142ms
141ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/cmspagewithelements/home?businessunitid=1&offset=9&limit=2

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

5f4102330c2138b0b31c8a16efe62b67ebd7ff0a8ab941c6e42349aeed2b351a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 38ms
38ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1104380690&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buchheits.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Buchheit%20Family%20Owned%20%26%20Operated%20Since%201934&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=173816172&gjid=116171675&cid=897431294.1700166758&tid=UA-107596655-1&_gid=1938096786.1700166758&_r=1&_slc=1&gtm=45He3b81n81NS7SVZ4v892911288&gcd=11l1l1l1l1&dma=0&z=1406066349

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buchheits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame C76C 25 KB
6 KB 45ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:37 GMT
x-amz-version-id: I_EA8shgdUVnTYVtPsngXZhS4fZlnaal
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGA2S0B2H0YW5PK
age: 679903
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: +ecFi86oIbndutdGPxhS6gCnsAL2qj/AlpaZ/VYH9WCeuIGfqWcDnSAg10xBstjut+Oj5v6q9yY=
last-modified: Mon, 06 Nov 2023 00:49:02 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab2pyT15Gd51VA5DaH9B8ZiHe%2FdaZfdbtHEemR1k%2FTpeLBbKFepSCgmKUptPcUgpT7OSnTiiCDNTwhxwv0jFojFrGnBdmEICiJNjuGCDC928DAmJsH5zqcKNWrxedeIQOgpES2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8272811d5ade8c99-EWR
expires: Tue, 05 Nov 2024 00:49:01 GMT

GET
H2 200 config Show response
buchheitshelp.zendesk.com/embeddable/ Frame C76C 384 B
1016 B 167ms
53ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buchheitshelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615ba815ea865991f412f518fa2afeb397e80802795211038a5e162ebd3d18de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5c96fc4bb-hp2mq
x-cached: STALE
x-request-id: 82727b843a0f632a-ORD
x-runtime: 0.002323
last-modified: Thu, 16 Nov 2023 19:24:13 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPy%2FsCDLKWU2VD5D3HssbYU5Kw64wLWMznw1E%2FPUvc8%2BGwTrRPI5fLW58zi1cDSmlgWg39chvrVdGXeXRbfKBGvqLD%2FOhZ1ZCwBtyEIaWtoTo7sdp9sePrDZal1cVXadk0nsLxc%2BR%2FcJVo8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8272811e1fea8c15-EWR

GET
H3 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 37ms
37ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 16:29:06 GMT
x-content-type-options: nosniff
age: 446611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24020
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 16:29:06 GMT

GET
H3 200 va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
24 KB 41ms
40ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 17:20:11 GMT
x-content-type-options: nosniff
age: 184346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24868
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 17:20:11 GMT

GET
H3 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 53ms
53ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:05:29 GMT
x-content-type-options: nosniff
age: 563228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 08:05:29 GMT

GET
H3 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v33/ 32 KB
32 KB 58ms
58ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v33/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bitter:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2321d29475d47bd4d70a263c8f59d12ebad686e96aef5ac0a9e9e271ec0dcc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:28:44 GMT
x-content-type-options: nosniff
age: 3833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33148
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:16:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 19:28:44 GMT

GET
H3 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
24 KB 69ms
69ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,400,500,600,700,800,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 16:57:18 GMT
x-content-type-options: nosniff
age: 444919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 16:57:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
348 B 177ms
83ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-107596655-1&cid=897431294.1700166758&jid=173816172&gjid=116171675&_gid=1938096786.1700166758&_u=YADAAEAAAAAAACAAI~&z=742155329

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Nov 2023 20:32:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buchheits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 27ms
27ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buchheits.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 01:58:25 GMT
x-content-type-options: nosniff
age: 498853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 01:58:25 GMT

GET
H2 200 en-us-json-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame F949 25 KB
6 KB 38ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:38 GMT
x-amz-version-id: I_EA8shgdUVnTYVtPsngXZhS4fZlnaal
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGA2S0B2H0YW5PK
age: 679904
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: +ecFi86oIbndutdGPxhS6gCnsAL2qj/AlpaZ/VYH9WCeuIGfqWcDnSAg10xBstjut+Oj5v6q9yY=
last-modified: Mon, 06 Nov 2023 00:49:02 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlCOlkEHCcAUBp5qJcrPblPib0jqJs%2BjEHSb6To3eABFhs8Nh%2B%2BrzBSjpjzU7fR%2FPwkiqLZ5qDAvXwjihRAPomZVNm5lS7S78aLuV6PX9RB%2BILCbzVYkxRn1Mogbd%2FxRQuaLk94%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8272811e6c098c99-EWR
expires: Tue, 05 Nov 2024 00:49:01 GMT

GET
H2 200 config Show response
buchheitshelp.zendesk.com/embeddable/ Frame F949 384 B
541 B 33ms
33ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buchheitshelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615ba815ea865991f412f518fa2afeb397e80802795211038a5e162ebd3d18de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 0
x-zendesk-origin-server: embeddable-app-server-5c96fc4bb-hp2mq
x-cached: STALE
x-request-id: 82727b843a0f632a-ORD
x-runtime: 0.002323
last-modified: Thu, 16 Nov 2023 20:32:38 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcZuysN13oy%2BQkDHqBrb%2BtllrnzSNZ0Oeu1T4CtXFx1htvGhFIncTHQ%2BZX1zHNeJbi8VBeYvvIJLa%2B3ObO9Y%2BvJqU06Z58cDkvZOS%2F806pGsNoutdAiwiz7hQy1XXKqJgAzzLdVzrmgds0c%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8272811e686b8c15-EWR

GET
H/1.1 200
OK home Show response
www.buchheits.com/backend/api/v1/cmspagewithelements/ 60 KB
9 KB 119ms
118ms XHR
application/json 35.160.166.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buchheits.com/backend/api/v1/cmspagewithelements/home?businessunitid=1&offset=11&limit=2

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.166.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-166-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

019592d834d488958fe0b97200dd98086cbc50b013d9315aebf9ad9f5dedc0b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Vary: Accept-Encoding, Accept, origin, Cookie
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 AF600x400.jpg
images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/ 2 KB
3 KB 29ms
28ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/AF600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 451d757e9338507b9b49da81a611ea77cf1232b652cd5dc5b9a4ef7125788bfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 31 May 2023 04:40:46 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 14658712
x-amzn-requestid: bdbbe57c-557b-4ab7-83ad-d85d8a5a5fb9
x-cache: Hit from cloudfront
x-amz-apigw-id: FxVoNFs2oAMFUng=
content-length: 2282
last-modified: Fri, 26 May 2023 19:18:30 GMT
x-amzn-trace-id: Root=1-6476cfcd-69009fcb16168b35014d685b;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: -1g-8VAdj2jXJI1UDnN_-U6jsbmUO5SaNLoZD8bm5QMy1vFNaodD7g==

GET
H2 200 Holiday-Gift-Giving_600x400.jpg
images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/ 3 KB
3 KB 38ms
37ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/Holiday-Gift-Giving_600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 54d51c1120b42dfe95b0dd4ec476b76c2b16d85f5893bd79a812ae832b1ae815

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 04:42:08 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 1353030
x-amzn-requestid: 3f893509-fe62-4105-aafc-56a0a050469f
x-cache: Hit from cloudfront
x-amz-apigw-id: Ns6NAGSboAMEPlA=
content-length: 2708
last-modified: Mon, 23 Oct 2023 19:23:05 GMT
x-amzn-trace-id: Root=1-6541d71f-751bf1505ecc7e104d1c81db;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: dHoPZS-3D0vKWcij1qdEN8NzLNzx2PYDoVNtnB4c828cYGaR4iecCQ==

GET
H2 200 Collection-2022_Holiday-Decorating_600x400.jpg
images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/ 3 KB
3 KB 41ms
40ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/Collection-2022_Holiday-Decorating_600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 08dece78f8e9de6de987aacaf62e199025a56a5b551bb6e9fc47978b09aa953b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 04:42:08 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 1353030
x-amzn-requestid: 450f4901-aff3-415b-bce3-e139bbb4a4d0
x-cache: Hit from cloudfront
x-amz-apigw-id: Ns6M_GQ_oAMEuLQ=
content-length: 2932
last-modified: Mon, 23 Oct 2023 19:18:52 GMT
x-amzn-trace-id: Root=1-6541d71f-2dffda1d4829482104eee744;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: bUVHTHbj-HIPru7DNPDFNfgBuWD_LnVStNZMEEtUIZh7Y9bnrAFv1w==

GET
H2 200 Hunting__600x400.jpg
images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/ 2 KB
3 KB 39ms
39ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/400x400/filters:blur(50)/Hunting__600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: e0fb75749145b96723a678969777efa9210331d5c0216ba1331ad73610d7e524

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 04:42:08 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 1353030
x-amzn-requestid: 8b2a2bfa-c76e-4eb1-aabf-0c8216fa2a16
x-cache: Hit from cloudfront
x-amz-apigw-id: Ns6M_Es5IAMEoAA=
content-length: 2392
last-modified: Mon, 23 Oct 2023 19:26:11 GMT
x-amzn-trace-id: Root=1-6541d71f-0be716052b6d08bc7a4aebc1;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: fJLxSWGhHgm20MY3RtF2MTNKl7LhHtcQVra_CFp5qjbXZLi3vZv0nw==

GET
H2 200 AF600x400.jpg
images.buchheits.com/cms//fit-in/400x400/ 13 KB
13 KB 26ms
22ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/400x400/AF600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 224cc31c41de86eb130bc28bd1cf06838f88ce2231953c9666b218c189dbcfa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 31 May 2023 04:41:02 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 14658696
x-amzn-requestid: 30029e83-6d8c-447b-a0ac-513f35538798
x-cache: Hit from cloudfront
x-amz-apigw-id: FxVqvHjtIAMFlfg=
content-length: 13258
last-modified: Fri, 26 May 2023 19:18:30 GMT
x-amzn-trace-id: Root=1-6476cfde-0c85221c091cc6c0722fdf9f;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: gQ-mv1T_Kiokauctw3YI98SFtRQ1i1_85GjQ-IpuqhPMbPzlsD935A==

GET
H2 200 Holiday-Gift-Giving_600x400.jpg
images.buchheits.com/cms//fit-in/400x400/ 21 KB
21 KB 46ms
43ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/400x400/Holiday-Gift-Giving_600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 2b9c585b04aaddb37de26f2408560ce6b763e31f0b87397d03b81763f6e14809

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 04:42:09 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 1353029
x-amzn-requestid: a9005e2f-8432-4f5c-9506-122b91ea8361
x-cache: Hit from cloudfront
x-amz-apigw-id: Ns6NHHo6IAMEnlQ=
content-length: 21234
last-modified: Mon, 23 Oct 2023 19:23:05 GMT
x-amzn-trace-id: Root=1-6541d720-36b6b6527ce9341a32eb9351;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: jLFhCmUgE6iMW7hbSO-CLtAZ_o2GTa1c4pfZT0BJnorzHP7FcwdU-w==

GET
H2 200 Collection-2022_Holiday-Decorating_600x400.jpg
images.buchheits.com/cms//fit-in/400x400/ 16 KB
17 KB 36ms
34ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/400x400/Collection-2022_Holiday-Decorating_600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 575483cd6339bc249fdf4ccf3bfbc66a4d07740fa0f99795005b5f0faab3fb3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 04:42:08 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 1353030
x-amzn-requestid: 84dd0cde-29b5-4526-94a2-ab7647cdbaa4
x-cache: Hit from cloudfront
x-amz-apigw-id: Ns6NHGbsIAMEUNg=
content-length: 16418
last-modified: Mon, 23 Oct 2023 19:18:52 GMT
x-amzn-trace-id: Root=1-6541d720-2318de717f80f94f3e9bd37e;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: B8MYPYG0CgIAXCLD66TVb5e-kx9V4qn_cFhEPSeMYdzJFlPYhgwhDA==

GET
H2 200 Hunting__600x400.jpg
images.buchheits.com/cms//fit-in/400x400/ 31 KB
31 KB 46ms
44ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/400x400/Hunting__600x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 23fab406a79ea64d7e28bb9812acca33c71fcceba5adb88d970dcce6234312f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 04:42:09 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 1353029
x-amzn-requestid: f08549a0-b142-4766-9bc9-61614a562c53
x-cache: Hit from cloudfront
x-amz-apigw-id: Ns6NJHXcoAMEDHw=
content-length: 31282
last-modified: Mon, 23 Oct 2023 19:26:11 GMT
x-amzn-trace-id: Root=1-6541d720-000309547b0ec55a4c97fb4a;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: fWDcdLMGtNm_TVhB_0jHjR6jQwgkdyjd3DROTIGBNDOYtLeuckwAHg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 185ms
94ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-107596655-1&cid=897431294.1700166758&jid=173816172&_u=YADAAEAAAAAAACAAI~&z=1113158865

Requested by

Host: www.buchheits.com
URL: https://www.buchheits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Black-Friday_Collcetion_1786x400.jpg
images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/ 7 KB
7 KB 23ms
22ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms/fit-in/1400x800/filters:blur(50)/Black-Friday_Collcetion_1786x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: c6fed91da1cbe43c0749cf4ec8b7468aeb34ba96cc23b9ba303306402b5af119

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:35:46 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 5540212
x-amzn-requestid: a2f7b6ef-f6cc-4291-82b5-f2c5cbb7a3d2
x-cache: Hit from cloudfront
x-amz-apigw-id: LNLlvHuwIAMEvNg=
content-length: 6684
last-modified: Wed, 13 Sep 2023 17:30:33 GMT
x-amzn-trace-id: Root=1-6501f2f1-08d96d225732012f2d826586;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: E6mKwnzzfV_pLa0dXhLGDg9Sh3DT43cJqnMqJKHpPR7qTNxJ91xfxg==

OPTIONS
H2 200 originCountry
capture-api.reachlocalservices.com/ Frame 0
0 275ms
134ms Preflight
application/json 54.192.51.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-43.yul62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.buchheits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 16 Nov 2023 20:32:38 GMT
via: 1.1 90b7b9dc3aa8817f0cef3cfd45fb8916.cloudfront.net (CloudFront)
x-amz-apigw-id: OghgFESqPHcESwA=
x-amz-cf-id: vZwHeXNSwIIWZCzml02cx2y6CTa5NWY_XK4uIjgtsNBs3mJ6KoXasQ==
x-amz-cf-pop: YUL62-C2
x-amzn-requestid: d99e3ffa-041b-40be-9efe-21d82e6785d1
x-cache: Miss from cloudfront

GET
H2 200 originCountry Show response
capture-api.reachlocalservices.com/ 36 B
571 B 247ms
247ms XHR
application/json 54.192.51.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-43.yul62.r.cloudfront.net
Software: /
Resource Hash: 9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3

Request headers

Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 16 Nov 2023 20:32:38 GMT
via: 1.1 90b7b9dc3aa8817f0cef3cfd45fb8916.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amzn-requestid: 79676692-345a-4bcd-bd4e-5d29836dd75e
x-amzn-trace-id: Root=1-65567c66-3dcbaf704f2e4a6937c07869;Sampled=0;lineage=a245b58f:0
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: OghgHF8DPHcEHRA=
content-length: 36
x-amz-cf-id: F_0Y92Y7RFA8pqLIW97tha3muagJM4yNy4MjYzSSIUVhtWtCJNd3jQ==
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With

GET
H2 200 Black-Friday_Collcetion_1786x400.jpg
images.buchheits.com/cms//fit-in/1400x800/ 22 KB
23 KB 24ms
22ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/1400x800/Black-Friday_Collcetion_1786x400.jpg
Requested by: Host: www.buchheits.com
URL: https://www.buchheits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: 792877479dc27197f83b1b01c4fe5383f032e0800b82d8806777694ea09780e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:59:32 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 5538786
x-amzn-requestid: 66709b58-459d-4b68-a11a-b341f67bbb56
x-cache: Hit from cloudfront
x-amz-apigw-id: LNPEqGHjIAMEAFg=
content-length: 22916
last-modified: Wed, 13 Sep 2023 17:30:33 GMT
x-amzn-trace-id: Root=1-6501f883-5c7229e20ebf4834655e5a4c;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: RvOIdPO_1gAt2Mo6etisBZzYmnOyCuRnlYnoMS3bZXGr78pxuIsXVw==

GET
H2 200 capture.js Show response
cdn.rlets.com/capture_static/mms/ Frame C554 181 KB
43 KB 86ms
74ms Script
application/javascript 2600:9000:215f:2000:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/capture.js
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/60e/84f/d17/e1c4affb1c160a62b10521d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:2000:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c73f030eee7fd9d6ab1b158a90800e4499a462a35a09d2d25170ed59f51281d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:20:57 GMT
content-encoding: br
via: 1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 21:02:14 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 4303
x-amz-server-side-encryption: AES256
etag: W/"03fa1631199bee76050a560b54875c42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sKeTgS6RY_bFuEFeLhinrqOsJlLThRZARGejRWRhr7FtoXjVh-ot_g==

GET
H2 200 capture.js Show response
cdn.rlets.com/capture_static/mms/ Frame CDBC 181 KB
43 KB 104ms
94ms Script
application/javascript 2600:9000:215f:2000:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/capture.js
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/60e/84f/d17/e1c4affb1c160a62b10521d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:2000:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c73f030eee7fd9d6ab1b158a90800e4499a462a35a09d2d25170ed59f51281d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:23:07 GMT
content-encoding: br
via: 1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 21:02:14 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 4303
x-amz-server-side-encryption: AES256
etag: W/"03fa1631199bee76050a560b54875c42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nSyk-p4TQJLeLwdMEVcrnhat4FQKT8aHOYZCzgXbzG_FbN0TNzBVkA==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 144ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.buchheits.com
URL: https://www.buchheits.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 20:32:38 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A054DB337874708943253456FE7C119 Ref B: PHL30EDGE0222 Ref C: 2023-11-16T20:32:39Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 224ms
115ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/60e/84f/d17/e1c4affb1c160a62b10521d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 20:32:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Y49vjqqmT3DQcR5TOwzOtDbaw5STed+xbooHT9cqb2CmKhAWxMl0hN7FL7xhnKRy/LZo+iWPxjl7HL+hNd/+qQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 50ms
45ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11072213090

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/60e/84f/d17/e1c4affb1c160a62b10521d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64d1e328b12ff4cfc04d293ca92103aabf998b36df00aa3be8f42f5401e46089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72266
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 20:14:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 20:32:39 GMT

GET
H2 200 d9a5dd70-50f0-0134-a365-0cc47abc2b4e Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 273ms
120ms Script
application/javascript 34.29.191.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/60e/84f/d17/e1c4affb1c160a62b10521d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.29.191.173 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.191.29.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F5g0qN6_Hhb9UQrqF-UE
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 visits Show response
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/api/v1/ 0
383 B 241ms
240ms XHR
text/html 34.83.202.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/api/v1/visits

Requested by

Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/polyfills.697ab46c3ace96b0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.83.202.81 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.202.83.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.buchheits.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/json

Response headers

x-runtime: 0.008808
date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: ALLOWALL
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
x-request-id: 0e996ac14bd36bcf0b463bf3dd698284

OPTIONS
H2 200 visits
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/api/v1/ Frame 0
0 409ms
144ms Preflight
text/html 34.83.202.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/api/v1/visits

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.83.202.81 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.202.83.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.buchheits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html
date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: ALLOWALL
x-request-id: 2a9616bc73d6305ab8b74b2af2362f4c
x-runtime: 0.002013

GET
H2 200 storage.html Show response
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/ Frame B614 2 KB
2 KB 144ms
144ms Document
text/html 34.83.202.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/storage.html

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.83.202.81 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.202.83.34.bc.googleusercontent.com

Software

Resource Hash

00455c2236cdd12509e5535b218c31ac9cf66fa454a69b246f4025b43d8aaa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 2024
content-type: text/html
date: Thu, 16 Nov 2023 20:32:39 GMT
last-modified: Thu, 09 Nov 2023 18:54:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 storage.html Show response
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/ Frame 660C 2 KB
2 KB 186ms
185ms Document
text/html 34.83.202.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/static/storage.html

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.83.202.81 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.202.83.34.bc.googleusercontent.com

Software

Resource Hash

00455c2236cdd12509e5535b218c31ac9cf66fa454a69b246f4025b43d8aaa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 2024
content-type: text/html
date: Thu, 16 Nov 2023 20:32:39 GMT
last-modified: Thu, 09 Nov 2023 18:54:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11072213090/ 2 KB
2 KB 252ms
58ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11072213090/?random=1700166759233&cv=11&fst=1700166759233&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buchheits.com%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20Buchheit%20Family%20Owned%20%26%20Operated%20Since%201934&auid=961145455.1700166759&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11072213090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47e520e2c0a7483e87b3aa07adea1117fb17c61538c35d9d58f05cba989922b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
360 B 76ms
75ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343027567&Ver=2&mid=afd59ab2-4d3a-4709-804e-44f6fb5502af&sid=48f4f5a084bf11eea6088f98c106dd14&vid=48f50cc084bf11eebc00fff5cea2c8ea&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Welcome%20to%20Buchheit%20Family%20Owned%20%26%20Operated%20Since%201934&kw=Buchheit,%20Buchhiets,%20Buyer%27s%20Club,%20pet%20supplies,%20animal%20feed,%20pet%20food,%20farm%20and%20home,%20baby%20chicks&p=https%3A%2F%2Fwww.buchheits.com%2F&r=&lt=9275&evt=pageLoad&sv=1&rn=533422

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 20:32:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 85ED1336BE6F46D18260996C12FFE3C6 Ref B: PHL30EDGE0222 Ref C: 2023-11-16T20:32:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 798 B
761 B 140ms
102ms Script
application/javascript 34.29.191.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=22180&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.29.191.173 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.191.29.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 13f60399e3af50d67d4680a4aca790c5bfd59cc7b8ac18b2c4694f97128dbe24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 254375976519904 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 93ms
91ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/254375976519904?v=2.9.138&r=stable&domain=www.buchheits.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90e040986df87cea9e441b9c1c4d21d2441924aee19a901ce7de41af3e3bd2c4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 20:32:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 1wUTwffFk/NyIiNjOZmJMRdBG1s1hTOPMI3dEvJf+GCAo+g/P5qCn7yBzaIDylUvCTwqeuxaf5GG5SP0ZSf8kg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=0E99DE6DBEA146B0BE5412B771E4627B
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=4898fb7238&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=4898fb7238&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

53ms
52ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=4898fb7238&gdpr=0&gdpr_consent=&dcc=t

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 20:32:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GWS5N14N6WX6QN38H1RQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 20:32:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NK8PATTV3X4DKN7F47KQ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=4898fb7238&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

RX-b2ef931f-3e54-47e4-a1ba-d0d0e0cc3523-005
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/0E99DE6DBEA146B0BE5412B771E4627B
https://sync.1rx.io/usersync/simplifi/0E99DE6DBEA146B0BE5412B771E4627B?zcc=1&cb=1700166759975
https://sync.targeting.unrulymedia.com/csync/RX-b2ef931f-3e54-47e4-a1ba-d0d0e0cc3523-005

43 B
452 B

303ms
79ms

Image
image/gif

199.127.204.171
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-b2ef931f-3e54-47e4-a1ba-d0d0e0cc3523-005
Protocol: HTTP/1.1
Server: 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 20:32:40 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 20:32:40 GMT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-b2ef931f-3e54-47e4-a1ba-d0d0e0cc3523-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=0E99DE6DBEA146B0BE5412B771E4627B&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=0E99DE6DBEA146B0BE5412B771E4627B&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

27ms
26ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=0E99DE6DBEA146B0BE5412B771E4627B&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Nov 2023 20:32:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=0E99DE6DBEA146B0BE5412B771E4627B&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 16 Nov 2023 20:32:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=0E99DE6DBEA146B0BE5412B771E4627B

43 B
175 B

319ms
94ms

Image
image/gif

2600:1f18:612b:4280:65f5:303c:b7e2:2e7f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=0E99DE6DBEA146B0BE5412B771E4627B
Protocol: H2
Server: 2600:1f18:612b:4280:65f5:303c:b7e2:2e7f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 16 Nov 2023 20:32:39 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=0E99DE6DBEA146B0BE5412B771E4627B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 20:32:39 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=0E99DE6DBEA146B0BE5412B771E4627B
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0E99DE6DBEA146B0BE5412B771E4627B

95 B
436 B

70ms
69ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0E99DE6DBEA146B0BE5412B771E4627B

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0E99DE6DBEA146B0BE5412B771E4627B
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=0E99DE6DBEA146B0BE5412B771E4627B
https://d.agkn.com/pixel/10751/?che=1700166760002&ip=206.66.96.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213830604702011689336
https://um.simpli.fi/aa_px?sk=213830604702011689336
https://um.simpli.fi/empty.gif

43 B
361 B

117ms
117ms

Image
image/gif

34.133.71.175
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.133.71.175 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

175.71.133.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 16 Nov 2023 20:32:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

200

ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B&ripv6=2600:803:a88:1134::134
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B&ripv6=2600:803:a88:1134::134&ckls=true&ci=NYXgFNKrDQ&nc=false&trid=15228...

43 B
1 KB

87ms
86ms

Image
image/gif

52.85.132.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B&ripv6=2600:803:a88:1134::134&ckls=true&ci=NYXgFNKrDQ&nc=false&trid=1522812844
Protocol: H2
Server: 52.85.132.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-15.iad50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:40 GMT
via: 1.1 2b74e5ee4d30afba8f9df9907896c5f4.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: bFFKOBBnDlK3iXCqO7CXxx6T118Nle8qiRW-ERWI63MLLeLHuyRlMw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:40 GMT
via: 1.1 2b74e5ee4d30afba8f9df9907896c5f4.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0E99DE6DBEA146B0BE5412B771E4627B&ripv6=2600:803:a88:1134::134&ckls=true&ci=NYXgFNKrDQ&nc=false&trid=1522812844
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: 3oD54qPmrTu_4S7ZjWH0mWrZCvDjpcDiAVm580jE_t2rKUqCH6ufhA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E99DE6DBEA146B0BE5412B771E4627B

42 B
552 B

214ms
27ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E99DE6DBEA146B0BE5412B771E4627B
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 16 Nov 2023 20:32:38 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E99DE6DBEA146B0BE5412B771E4627B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 20:32:39 GMT

GET
H/1.1

200

user-registering
ads.stickyadstv.com/
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=0E99DE6DBEA146B0BE5412B771E4627B

43 B
654 B

274ms
87ms

Image
image/gif

63.251.28.133
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=0E99DE6DBEA146B0BE5412B771E4627B
Protocol: HTTP/1.1
Server: 63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 20:32:39 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1700166759962009-1172

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=0E99DE6DBEA146B0BE5412B771E4627B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 20:32:39 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=0E99DE6DBEA146B0BE5412B771E4627B;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=0E99DE6DBEA146B0BE5412B771E4627B;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODg5MjUzODE2ODg1MDEzOTgzMA==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMP_ho824gtOn7pH_5Qy4cU&google_cver=1

43 B
396 B

52ms
51ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMP_ho824gtOn7pH_5Qy4cU&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMP_ho824gtOn7pH_5Qy4cU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=0E99DE6DBEA146B0BE5412B771E4627B&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=0E99DE6DBEA146B0BE5412B771E4627B&j=0&xl8blockcheck=1

0
742 B

78ms
78ms

Image
text/plain

52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=0E99DE6DBEA146B0BE5412B771E4627B&j=0&xl8blockcheck=1
Protocol: H2
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 16 Nov 2023 20:32:40 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=0E99DE6DBEA146B0BE5412B771E4627B&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=0E99DE6DBEA146B0BE5412B771E4627B
https://ups.analytics.yahoo.com/ups/55964/sync?uid=0E99DE6DBEA146B0BE5412B771E4627B&verify=true

0
311 B

49ms
24ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=0E99DE6DBEA146B0BE5412B771E4627B&verify=true

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=0E99DE6DBEA146B0BE5412B771E4627B&verify=true
date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=0E99DE6DBEA146B0BE5412B771E4627B

0
421 B

224ms
24ms

Image
text/plain

52.3.119.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=0E99DE6DBEA146B0BE5412B771E4627B
Protocol: HTTP/1.1
Server: 52.3.119.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-119-146.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 16 Nov 2023 20:32:39 GMT

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=0E99DE6DBEA146B0BE5412B771E4627B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 20:32:39 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=0E99DE6DBEA146B0BE5412B771E4627B

62 B
446 B

301ms
138ms

Image
image/gif

23.62.105.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=0E99DE6DBEA146B0BE5412B771E4627B
Protocol: H2
Server: 23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-105-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 16 Nov 2023 20:32:40 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=0E99DE6DBEA146B0BE5412B771E4627B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 20:32:39 GMT

GET
H2

200

tpid=0E99DE6DBEA146B0BE5412B771E4627B
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=0E99DE6DBEA146B0BE5412B771E4627B
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0E99DE6DBEA146B0BE5412B771E4627B

49 B
544 B

83ms
82ms

Image
image/gif

54.211.145.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0E99DE6DBEA146B0BE5412B771E4627B
Protocol: H2
Server: 54.211.145.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-145-128.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.49.230
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0E99DE6DBEA146B0BE5412B771E4627B
cache-control: no-cache
x-server: 10.40.9.59
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=0E99DE6DBEA146B0BE5412B771E4627B
https://ce.lijit.com/merge?pid=2&3pid=0E99DE6DBEA146B0BE5412B771E4627B&dnr=1

43 B
679 B

47ms
30ms

Image
image/gif

23.92.190.69
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=0E99DE6DBEA146B0BE5412B771E4627B&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 20:32:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 20:32:39 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=0E99DE6DBEA146B0BE5412B771E4627B&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=0E99DE6DBEA146B0BE5412B771E4627B
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMEU5OURFNkRCRUExNDZCMEJFNTQxMkI3NzFFNDYyN0IQABoNCOf42aoGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&rand=06318491
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&rand=06318491&expected_cookie=624c03f5-b417-49d0-8777-2635576c24ce

0
143 B

129ms
124ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&rand=06318491&expected_cookie=624c03f5-b417-49d0-8777-2635576c24ce
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E99A4D4B57E94B838E6381A2A97E3C24 Ref B: PHL30EDGE0409 Ref C: 2023-11-16T20:32:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKSuvVifKcQ20WNflG5A==

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 97B5F504E6F142C39994C84ED9DF809F Ref B: PHL30EDGE0409 Ref C: 2023-11-16T20:32:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=99d2fa4f25adfb4982c1adde410bfec09e4556837bf15c88dde3033b4216422a791426b5417dce21&rand=06318491&expected_cookie=624c03f5-b417-49d0-8777-2635576c24ce
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKSuvTlfi6kcInv5x9Gw==

GET
H3

200

/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700166759410&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2115567471&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=2115567471&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzNGQ3...

42 B
64 B

51ms
42ms

Image
image/gif

2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=2115567471&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzNGQ3q7JggMVyQ5oCB05iQCG&is_vtc=1&ocp_id=Z3xWZYyCJsmdoPMPuZKCsAg&cid=CAQSKQDICaaNVenmZA6qeF3sKXcG3yWyi5Ddf7K4oj8vsePTbRVj_s-JH6w9&random=1666768148

Protocol

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=2115567471&cv=7&fst=1700166759410&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzNGQ3q7JggMVyQ5oCB05iQCG&is_vtc=1&ocp_id=Z3xWZYyCJsmdoPMPuZKCsAg&cid=CAQSKQDICaaNVenmZA6qeF3sKXcG3yWyi5Ddf7K4oj8vsePTbRVj_s-JH6w9&random=1666768148
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 100ms
95ms Image
text/plain 34.133.71.175
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.133.71.175 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

175.71.133.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=0E99DE6DBEA146B0BE5412B771E4627B
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0E99DE6DBEA146B0BE5412B771E4627B

43 B
891 B

35ms
33ms

Image
image/gif

68.67.178.10
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0E99DE6DBEA146B0BE5412B771E4627B

Protocol

Server

68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:40 GMT
an-x-request-uuid: cc82770f-c809-4254-9e43-23510c40e103
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 206.66.96.134; 206.66.96.134; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
an-x-request-uuid: 7b02ab32-2144-47b9-b233-a70d1f2e6e7b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0E99DE6DBEA146B0BE5412B771E4627B
cache-control: no-store, no-cache, private
x-proxy-origin: 206.66.96.134; 206.66.96.134; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0E99DE6DBEA146B0BE5412B771E4627B&expires=365

42 B
774 B

216ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0E99DE6DBEA146B0BE5412B771E4627B&expires=365
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0E99DE6DBEA146B0BE5412B771E4627B&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 20:32:39 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=0E99DE6DBEA146B0BE5412B771E4627B
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0E99DE6DBEA146B0BE5412B771E4627B

43 B
180 B

66ms
43ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0E99DE6DBEA146B0BE5412B771E4627B
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0E99DE6DBEA146B0BE5412B771E4627B
date: Thu, 16 Nov 2023 20:32:39 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEMHJQ2aCb1nbYmFX29JPB_g&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E99DE6DBEA146B0BE5412B771E4627B
https://um.simpli.fi/g_match?id=

0
320 B

81ms
80ms

Image
text/plain

34.133.71.175
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.133.71.175 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

175.71.133.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:32:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 15 Nov 2023 20:32:39 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11072213090/ 42 B
154 B 87ms
86ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11072213090/?random=1700166759233&cv=11&fst=1700164800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buchheits.com%2F&frm=0&tiba=Welcome%20to%20Buchheit%20Family%20Owned%20%26%20Operated%20Since%201934&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN8Dn-Uc4BkqMvoAuWmHTFPJfLdZ_F6w&random=2880955686&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 203ms
66ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=254375976519904&ev=PageView&dl=https%3A%2F%2Fwww.buchheits.com%2F&rl=&if=false&ts=1700166759565&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700166759563.151323974&cs_est=true&ler=empty&it=1700166759384&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 Nov 2023 20:32:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 2315_Black-Friday_Rotator2.jpg
images.buchheits.com/cms//fit-in/1400x800/ 64 KB
65 KB 56ms
55ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/1400x800/2315_Black-Friday_Rotator2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: dff154b6a7831409d9f503dd0e893ba5059545156b5982a65b8bcf01b5bfd421

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:24:23 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158899
x-amzn-requestid: a84f8ac7-f5bc-49fd-8dda-ee57adf82ade
x-cache: Hit from cloudfront
x-amz-apigw-id: OadkiHqpoAMECtg=
content-length: 66032
last-modified: Thu, 02 Nov 2023 12:32:03 GMT
x-amzn-trace-id: Root=1-65540fb6-681703217731c6e42665641d;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: P58cBgSDL_bVSeWZBh3l9r6ElnqzHeDcJWCuGWJsg3nGJJZNMXpA8Q==

GET
H2 200 2315_Black-Friday_Rotator2.jpg
images.buchheits.com/cms//fit-in/1400x800/ 64 KB
65 KB 45ms
44ms Image
image/webp 18.164.124.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.buchheits.com/cms//fit-in/1400x800/2315_Black-Friday_Rotator2.jpg
Requested by: Host: d3jf0pgexz92qy.cloudfront.net
URL: https://d3jf0pgexz92qy.cloudfront.net/js/vendor.20e19b525a17347d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-111.jfk50.r.cloudfront.net
Software: /
Resource Hash: dff154b6a7831409d9f503dd0e893ba5059545156b5982a65b8bcf01b5bfd421

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:24:23 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158899
x-amzn-requestid: a84f8ac7-f5bc-49fd-8dda-ee57adf82ade
x-cache: Hit from cloudfront
x-amz-apigw-id: OadkiHqpoAMECtg=
content-length: 66032
last-modified: Thu, 02 Nov 2023 12:32:03 GMT
x-amzn-trace-id: Root=1-65540fb6-681703217731c6e42665641d;Sampled=0;lineage=ba4b05d4:0
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: dV27OW0GNfGOzkjE_Zf0WkwRAkPNX7gFljOK8PQgLmJslhU11sVLRQ==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 36ms
35ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-95VDWB575G&gtm=45je3b81v892927749&_p=1700166757117&gcd=11l1l1l1l1&dma=0&cid=897431294.1700166758&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700166757&sct=1&seg=0&dl=https%3A%2F%2Fwww.buchheits.com%2F&dt=Welcome%20to%20Buchheit%20Family%20Owned%20%26%20Operated%20Since%201934&en=scroll&epn.percent_scrolled=90&_et=29&tfd=13498
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-95VDWB575G&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.buchheits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 20:32:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buchheits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prism.app-us1.com/	1970-01-20 16:59:18	Name: prism_27843790 Value: d4a1b7a9-5e3f-479e-a6e7-d603c6fea91d
.buchheits.com/	1970-01-20 16:59:18	Name: prism_27843790 Value: d4a1b7a9-5e3f-479e-a6e7-d603c6fea91d
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: y2rOIHVwVgw
.youtube.com/	1970-01-20 20:35:18	Name: VISITOR_INFO1_LIVE Value: tzsMcJmFTKg
.buchheits.com/	1970-01-21 01:52:06	Name: _ga_95VDWB575G Value: GS1.1.1700166757.1.0.1700166757.0.0.0
.buchheits.com/	1970-01-21 01:52:06	Name: _ga Value: GA1.2.897431294.1700166758
.buchheits.com/	1970-01-20 16:17:33	Name: _gid Value: GA1.2.1938096786.1700166758
.buchheits.com/	1970-01-20 16:16:06	Name: _gat_UA-107596655-1 Value: 1
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/	1970-01-20 16:17:33	Name: test Value: test
www.buchheits.com/	1969-12-31 23:59:59	Name: rl_visitor_history Value: 496c8751-e594-4e35-bab0-259b61cfc244
www.buchheits.com/	1969-12-31 23:59:59	Name: sifi_user_id Value: undefined
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/	1970-01-21 01:52:06	Name: visitor_id Value: 496c8751-e594-4e35-bab0-259b61cfc244
60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com/	1970-01-21 01:52:06	Name: sifi_user_id Value:
.buchheits.com/	1970-01-20 18:25:42	Name: _gcl_au Value: 1.1.961145455.1700166759
.buchheits.com/	1970-01-20 16:17:33	Name: _uetsid Value: 48f4f5a084bf11eea6088f98c106dd14
.buchheits.com/	1970-01-21 01:37:42	Name: _uetvid Value: 48f50cc084bf11eebc00fff5cea2c8ea
.simpli.fi/	1970-01-21 01:03:09	Name: suid Value: 0E99DE6DBEA146B0BE5412B771E4627B
.bing.com/	1970-01-21 01:37:42	Name: MUID Value: 1C8422DBBCD5641632793110BDBA6534
.bat.bing.com/	1970-01-20 16:26:11	Name: MR Value: 0
.simpli.fi/	1970-01-20 16:26:11	Name: uid_syncd_secure Value: true
.buchheits.com/	1970-01-20 18:25:42	Name: _fbp Value: fb.1.1700166759563.151323974
.doubleclick.net/	1970-01-21 01:52:06	Name: IDE Value: AHWqTUlVQEYMyaernHZ8HK91jwE7chMboXngOPu1PBEhGc_uA3ugGQOlbxqvYL2-
.pubmatic.com/	1970-01-20 16:59:18	Name: KRTBCOOKIE_148 Value: 19421-uid:0E99DE6DBEA146B0BE5412B771E4627B&KRTB&23486-uid:0E99DE6DBEA146B0BE5412B771E4627B&KRTB&23489-uid:0E99DE6DBEA146B0BE5412B771E4627B&KRTB&23539-uid:0E99DE6DBEA146B0BE5412B771E4627B
.pubmatic.com/	1970-01-20 16:59:18	Name: PugT Value: 1700166758
.tapad.com/	1970-01-20 17:42:30	Name: TapAd_TS Value: 1700166759961
.tapad.com/	1970-01-20 17:42:30	Name: TapAd_DID Value: 7845d733-8a8b-45cc-9911-09fd6d25a582
.rubiconproject.com/	1970-01-21 01:01:42	Name: khaos Value: LP1NE3VP-V-CB6M
.rubiconproject.com/	1970-01-21 01:01:42	Name: audit Value: 1\|HU+Dg73dC0OCPjTvoBa8BDw6E0kELM8ToJvxxKYxCucOiiaDVsR94k2u+4V3ga8t6dmQFR43HLqM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk8pvh1QIlrlhUp6d64TZNVe8+oSfkrVGKAUpRv23/bpq3+85387jysNSpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.1rx.io/	1970-01-21 01:01:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b2ef931f-3e54-47e4-a1ba-d0d0e0cc3523-005%22%7D
.bfmio.com/	1970-01-21 01:01:42	Name: __141_cid Value: 0E99DE6DBEA146B0BE5412B771E4627B
.bfmio.com/	1970-01-21 01:01:42	Name: __io_cid Value: 26c52072b9a1ce136a8e166a0a2d05d545f42f99
.adnxs.com/	1970-01-20 18:25:42	Name: uuid2 Value: 6113894352178638682
.ads.stickyadstv.com/	1970-01-20 16:59:18	Name: UID Value: 10d9e2a949deadffe517c497e714ce
.ads.stickyadstv.com/	1970-01-20 16:17:33	Name: uid-bp-26865 Value: 0E99DE6DBEA146B0BE5412B771E4627B
.lijit.com/	1970-01-21 01:01:42	Name: ljt_reader Value: HquwbQZH9o-J3LLUT0q_VCRE
.smaato.net/	1970-01-20 16:46:21	Name: SCM Value: 4898fb7238
.smaato.net/	1970-01-20 16:46:21	Name: SCMaps Value: 4898fb7238
.smaato.net/	1970-01-20 16:46:21	Name: SCM1001136 Value: 4898fb7238
.yahoo.com/	1970-01-21 01:02:04	Name: A3 Value: d=AQABBGd8VmUCEMhhYsbFar1xJc_sgMJQu74FEgEBAQHNV2VgZdxH0iMA_eMAAA&S=AQAAAuh5fvgD-SlTLeWE6Yhg0LA
.openx.net/	1970-01-21 01:01:42	Name: i Value: 104c293f-2910-4751-870e-70504d1134d8\|1700166759
.tapad.com/	1970-01-20 17:42:30	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 18:25:42	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?^o9!G+!]tbPl1N!7On*M$=BWItifL.ggk1bWiItmYfm_%OjEXdXfp^`zjataUlj%KGS166(/X%W#.wL4W1Qw2>nybkA
.bluekai.com/	1970-01-20 20:38:11	Name: bku Value: blx99sCXPZDTVwGa
.bluekai.com/	1970-01-20 20:38:11	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEOamEkWHEjWxAPO1ExtxMOYHED61EJYBpzhHExt1M5Y9y9gbxr0
.crwdcntrl.net/	1970-01-20 22:44:53	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 22:44:53	Name: _cc_id Value: ee195835bf247930909c4222063609d3
.agkn.com/	1970-01-21 01:01:42	Name: ab Value: 0001%3AdfM1U9%2FGfJNJb4imXMxbIHAoyfXiReAJ
.lijit.com/	1970-01-21 01:01:42	Name: _ljtrtb_2 Value: 0E99DE6DBEA146B0BE5412B771E4627B
.exelator.com/	1970-01-20 19:08:54	Name: EE Value: "4c71f2372841342e6a581c111c0b6619"
.analytics.yahoo.com/	1970-01-21 01:01:42	Name: IDSYNC Value: 176k~2f38
.pro-market.net/	1970-01-20 16:59:18	Name: anHistory Value: "1vk7hp29tryye+2+!#7%.%X#_B&"
.rlcdn.com/	1970-01-21 01:01:42	Name: rlas3 Value: DEkpCUWdPmVNB+QZtpWDhYEhoagdfOxh2D836Lis1l4=
.rlcdn.com/	1970-01-20 17:42:30	Name: pxrc Value: COj42aoGEgUI6AcQABIFCOhHEAA=
.3lift.com/	1970-01-20 18:25:42	Name: tluid Value: 1521094515257945861090
.exelator.com/	1970-01-20 19:08:54	Name: ud Value: "eJxrXxzq6XKLQcEk2dwwzcjY3MjCxNDYxCjVLNHUwjDZ0NAw2SDJzMzQcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6otDgxUUpaQyLSopPBR998xoATv8qVw%253D%253D"
.pro-market.net/	1970-01-20 20:35:18	Name: anProfile Value: "1vk7hp29tryye+1+1f=1+1g=1+1j=57:1+rs=s+rt=260008030A8811340000000000000134+s2=(s48h2f)+vm=24-0E99DE6DBEA146B0BE5412B771E4627B:53-CAESEMP_ho824gtOn7pH_5Qy4cU"
.intentiq.com/	1970-01-21 01:52:06	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 01:52:06	Name: intentIQ Value: NYXgFNKrDQ
.agkn.com/	1970-01-21 01:01:42	Name: u Value: C\|0AAAAAAAALOk46AAAAAAA
.amazon-adsystem.com/	1970-01-20 21:44:25	Name: ad-id Value: AwwEjZe28UdPu9mCAbZfzOg
.amazon-adsystem.com/	1970-01-21 01:52:06	Name: ad-privacy Value: 0
.intentiq.com/	1970-01-21 01:52:06	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 01:52:06	Name: IQPData Value: 3460456582#1700166760292#0#1700166760292
.intentiq.com/	1970-01-21 01:52:06	Name: CSDT Value: UEQ6MTAwNDNfMCZUdm82U2V1
.intentiq.com/	1970-01-21 01:52:06	Name: intentIQCDate Value: 1700166760295
.intentiq.com/	1970-01-20 16:59:18	Name: IQMID Value: 3460456582#1700166760296
.targeting.unrulymedia.com/	1970-01-21 01:01:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b2ef931f-3e54-47e4-a1ba-d0d0e0cc3523-005%22%7D
.pippio.com/	1970-01-21 01:01:42	Name: did Value: HXZmIszzZ_DKqykr
.pippio.com/	1970-01-21 01:01:42	Name: didts Value: 1700166760
.pippio.com/	1970-01-20 17:42:30	Name: nnls Value:
.pippio.com/	1970-01-20 17:42:30	Name: pxrc Value: COj42aoGEgYIgr0rEAA=
.linkedin.com/	1970-01-20 18:25:42	Name: li_sugr Value: 624c03f5-b417-49d0-8777-2635576c24ce
.linkedin.com/	1970-01-21 01:01:42	Name: bcookie Value: "v=2&335ce734-1b3d-4ff6-8b2e-78c12f903e7e"
.linkedin.com/	1970-01-20 16:17:33	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3017:u=1:x=1:i=1700166760:t=1700253160:v=2:sig=AQFcNr5zh5LdyJIzq07Eiy_b2NxShUym"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60e84fd1-7e1c-4aff-b1c1-60a62b10521d.rlets.com
aa.agkn.com
ads.stickyadstv.com
bat.bing.com
bcp.crwdcntrl.net
buchheits.com
buchheitshelp.zendesk.com
capture-api.reachlocalservices.com
cdn.rlets.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
d3jf0pgexz92qy.cloudfront.net
d3sfvumtar0nke.cloudfront.net
diffuser-cdn.app-us1.com
eb2.3lift.com
ekr.zdassets.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
images.buchheits.com
loadm.exelator.com
pbid.pro-market.net
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
prism.app-us1.com
px.ads.linkedin.com
s.ad.smaato.net
s.amazon-adsystem.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.zdassets.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
syncv4.intentiq.com
tag.simpli.fi
trackcmp.net
u9912718.ct.sendgrid.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.buchheits.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
104.16.51.111
104.18.72.113
107.178.254.65
108.139.29.34
13.35.93.60
142.250.65.194
142.251.40.226
162.248.18.37
167.89.123.16
18.164.124.111
199.127.204.142
199.127.204.171
23.62.105.110
23.92.190.69
2600:1901:0:8eee::
2600:1f18:612b:4280:65f5:303c:b7e2:2e7f
2600:9000:215f:2000:6:9a19:88c0:93a1
2600:9000:215f:9a00:1b:6b7d:2300:93a1
2600:9000:215f:fa00:1b:5138:8a40:93a1
2600:9000:21da:8200:19:fc2c:a140:93a1
2606:4700:4400::6812:22d6
2606:4700::6810:a0d
2606:4700::6810:b0d
2606:4700::6811:180e
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:80b::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2008
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
3.162.3.89
3.225.218.10
34.111.113.62
34.133.71.175
34.29.191.173
34.83.202.81
34.98.64.218
35.155.196.186
35.160.166.85
35.190.60.146
35.71.139.29
52.0.156.250
52.3.119.146
52.46.155.104
52.85.132.15
54.192.51.43
54.211.145.128
63.251.28.133
68.67.178.10
69.173.151.100
00455c2236cdd12509e5535b218c31ac9cf66fa454a69b246f4025b43d8aaa93
00b8e531c710cbe93fd239e6cc1b239f8ab15e079c066617e33fc1ef90680c17
019592d834d488958fe0b97200dd98086cbc50b013d9315aebf9ad9f5dedc0b6
034e04fee796c30eed3a33a61ac7481530ef9b5c23b69c7ffa60f857d1d57eff
0378ea299d7b50f0c1f5b2549faab7ea7f6097819d7b5744d8896a58e50cc61e
04dd182fe3e9e402e892c74d4b3d21d2e76702a947064163d03f149c8a9969ff
08dece78f8e9de6de987aacaf62e199025a56a5b551bb6e9fc47978b09aa953b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10439259c9022ba72ad7c68f4af7ba597a1b233b7efc2564cf1a6ea5af34570e
1351b581c67163a45cbacaa5751164ff2012ed478a4775ad2811bd294261b655
13f60399e3af50d67d4680a4aca790c5bfd59cc7b8ac18b2c4694f97128dbe24
143201484c907f3f8e9e8312c7f0852921b2beb05cbc75b75c57cdb9053e6f3b
155580c43cb333a23ca4526b9751c0d00332f02f1b7c48cc652cebba39a1455a
198646b20f49dfdd2b75862c280fdd8ba4a2df54405cfa62e04abc6e0729b9a0
19ee12cdc79070167e749324b053daa7f0023c26b681300bd7e61b9f02888715
1b063ff2f4ceae3c5c33e5e1511fce3f7a534ecc9148e0760f52861a815741b3
2062349e2099f2d2e412cae1afef4b9d0759d1feebe0aa4fd5ae0c4d4ee9c7f3
20745eebcaafba7d0f4f75e455aac14cbedcbb7fbcc306379ad49dc144e7a1de
224cc31c41de86eb130bc28bd1cf06838f88ce2231953c9666b218c189dbcfa7
2321d29475d47bd4d70a263c8f59d12ebad686e96aef5ac0a9e9e271ec0dcc47
23fab406a79ea64d7e28bb9812acca33c71fcceba5adb88d970dcce6234312f8
2b4b56af49c0d856f4caf84584f94b200317afc42241d1ea292bb18383fb1e1f
2b9c585b04aaddb37de26f2408560ce6b763e31f0b87397d03b81763f6e14809
2d681f30235c807de01f15656c0faf7fb49d609d97d3d3ff0d47bc1ee3a2120c
2e934d60a1d298c6c8d2e03983c128b4075ee6b7ceea0b753f0d75bac0a955d9
2ea802e6d0ff6a7925241abe576b501631af0ec627b00de17270eb5c998ecb0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fca43184dce0ede875bb35ed3fb180437a6cacc3f5b33d595c82249ff12df0b
31bee4d1ffe96bc5f7e74d72eb309bd87c95f5ed948b2ec1100115590e671749
32e35703bd2e2dd7540a2beedb8ea0c189281bb4d2df807019b9d4172075b1b8
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
34cf9a1d63ec5cacd34116ac3f1bc17f912b22ef812d374fce70933963ebf2e7
356992d24c0aa5454213c817e0afcde5695e2e6a4192cfa1d8f52888b9530d2f
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
38a27d76ce1d3354802ff8c66dadcbd8f2c28df77eca02d3f5079374a4704ae8
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
3d46b0e9dc1513cd1659e55924eb6f1fa99c9dacaf828cd331c2af343e22a0a0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4074fc1b40212c8c9f7d54070825ec95c04321e30c90c1c1bb9a49e777042634
451d757e9338507b9b49da81a611ea77cf1232b652cd5dc5b9a4ef7125788bfe
456e4f00399edc1b13996773a01a3f7f3f36d2f429c2fe47d17037d75d1b677d
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
47cc5c0378961f12a33565652ee66ada224e24a4cdb45a8d9e5dff5be409f286
47e520e2c0a7483e87b3aa07adea1117fb17c61538c35d9d58f05cba989922b9
4b42c943a04bfcd747db5365d3a2d2644ca0ed445f0dda6cc10a85a2c3bd0caf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef566d278929c1e4c702a584e73133f44bb7d4651cd99ae0f96a395def64cfc
5416dc2d21aa121a4087af6fc1b04056e98a728475b04ee62c7cc1b14fd77bc1
54d51c1120b42dfe95b0dd4ec476b76c2b16d85f5893bd79a812ae832b1ae815
55130e3abd36f6253f31c40a61688d01b8afe23cc968f6478d1f6b983e1b8ca0
575483cd6339bc249fdf4ccf3bfbc66a4d07740fa0f99795005b5f0faab3fb3d
5b19505df58e7d372ef67f48cc299f1b4dac026f379f77652a6777fd1a681d3c
5b4d705456df7e6f8aec0bbb5b2730c703c0ed6fef6ff751150ae9cfbb88b324
5c73f030eee7fd9d6ab1b158a90800e4499a462a35a09d2d25170ed59f51281d
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f4102330c2138b0b31c8a16efe62b67ebd7ff0a8ab941c6e42349aeed2b351a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
607c7b875ac586942e23290a4c13920c586b6d46145c8c3fb8345576d32416d1
60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf
615ba815ea865991f412f518fa2afeb397e80802795211038a5e162ebd3d18de
6167fb906310f6a3e0319afe1f5f731d545abe4480523081b324df02a5cdebad
64d1e328b12ff4cfc04d293ca92103aabf998b36df00aa3be8f42f5401e46089
693e44fb518867acf95fb6f919a136f68a71e9602d6dc5e524a3a9c0f728022b
6df9f87a455453bf20b7ad6aaef851ff5c80bdafa76368d30564868b014345bc
746321081f72a20cbaf241e8956b2a6ff1d5e11e0ba11fb572dab1db6c7e5499
792877479dc27197f83b1b01c4fe5383f032e0800b82d8806777694ea09780e6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e850809f77b87ffe103e1a3a64c2fcc5f0b9c842af812dd95f9525c300bb2ed
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
845bd76053dd43febd7780836b13a471048a4d16ba76ab7c7e928e9ff7edf139
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8a3d473e6550c3986337f6ca961007e1cdba5e714e3b3d1f93e414779dec676a
8b6e46bbf5860a92dd51095bd1568072fa36e5bb783377441c024aa4b2573397
90e040986df87cea9e441b9c1c4d21d2441924aee19a901ce7de41af3e3bd2c4
93149792ed48b1f357afbfa1dae022cade5f62e5a16e86b95e8625385286ab8e
958dda3ab020a409af73966d4ece5321b643cb4e9be5b9e98c1e6b83b800a44a
961f8106bb71ff4c79536df67f3fd9c77d6af7ac55ec98fa63ce02940c3a7758
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4046219fcdada2da4fdb0e57b3ecd389fabbb9fbd8a4983a227f27f827ff14c
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
aac67a456b2862d6f2e89138455d0ec8954af0cb7d5aa9fd54e17466fb0d3afa
ab3c5c698f81e360c292b2a074bbe541b3e72f3d77bd1ab11c31791c6288991a
adfab6baf3784941a1be11dec5aa922427b9884373418ec8c1e329ed2615b1ca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af11eebba712f2f3bc290120c51127ce711617cb27dd995a1c85e4248628d04b
af8c3ccb23d5f2e87479d32ed7cb51de57a076f03ab4fce7fbaed054b85cc29d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b04b0ae81e50dd67dbb5b90951d79f665129f46fda8615cc4f6e9bdb0b522d
b9255bf8c6ce79e78883fb5d1714da3181f754ccb5f84f3b3d189cd42aa5ccd5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd4c1f597b36cc8e08489702ad758aca27eda3b2f607f690f5f8f8825a593ccd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
c6fed91da1cbe43c0749cf4ec8b7468aeb34ba96cc23b9ba303306402b5af119
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc8da595fd7fb7094a7e6c114ae04cba17c4a10762dc907db57fb37eb4587333
cd58a546b0a576005079ffe5131f14ed0f2441e1aea6cceeb90fea02cc4e209e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d059636a4df1036843995059562fdc9fdf22994558558d622ff9562dd3a48c7c
d6fd645608e355a0ccbc9c430628598d16aed68df1904a57c2a80bf52c4e18ae
d906500713710474e4e95a4be76fb1c69d72b2d4e6b2554021f4fb953c2f57f2
db929965af268f78ecec6aa9deab3fd3599b08055962c05dfed0a30be88437a2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff154b6a7831409d9f503dd0e893ba5059545156b5982a65b8bcf01b5bfd421
e0fb75749145b96723a678969777efa9210331d5c0216ba1331ad73610d7e524
e2aab0528c48948f6db55c11c9e4889f3c92b76f403ccebed4a19aa4c4a3113d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9686aeea0055ab0c2b1f0eba66dec9b6dd487b4ec34b0fc9106edc7cd3a52cb
ea9fa505a1a0a2c1be20d4bdf96bf6f1d8ed5826a3dbe468cd5e531ed3df9635
ece73b759d5a17afa5f93eda5066bb082a9a355d12d6cc6e826e380f273719e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01639714e8deb23e0c8c5689b9ea24818726429e106fcd75842a2110757ae62
f376559469a9016a28c16d89aa314866e02e5b03f1b6103151c40f0a050efb18
f676c2cb2745cdf98a30870a61fa96e776219da4507231ce091cdd759d53307c
f87a8948da0cfc54b6e3598f6a1a8a5409fb56359603f50c300b257cdc02724b
fb2ce52fa61abf9c5341782955dd35c3712cde92ffb410234d888dfb2def3276

www.buchheits.com Open in urlscan Pro 35.160.166.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

86 %HTTPS

39 %IPv6

46 Domains

59 Subdomains

45 IPs

2 Countries

2998 kBTransfer

13503 kBSize

74 Cookies

20 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.buchheits.com Open in urlscan Pro
35.160.166.85 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

86 %
HTTPS

39 %
IPv6

46
Domains

59
Subdomains

45
IPs

2
Countries

2998 kB
Transfer

13503 kB
Size

74
Cookies

154 HTTP transactions
0 data transactions