ian-baltimore-bold-nest.trycloudflare.com Open in urlscan Pro
104.17.124.55  Public Scan

93 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

• https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CP6X7tDr9IQDFV7HwgQdVr0MAg;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP6X7tDr9IQDFV7HwgQdVr0MAg;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 19

• https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=| HTTP 302
• https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|

Request Chain 20

• https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CP2g7tDr9IQDFUfHwgQdM5EBAQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP2g7tDr9IQDFUfHwgQdM5EBAQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 21

• https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= HTTP 302
• https://secure.adnxs.com/seg?add=19609390&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2

Request Chain 22

• https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 HTTP 302
• https://imagesrv.adition.com/1x1.gif

Request Chain 23

• https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 HTTP 302
• https://imagesrv.adition.com/1x1.gif

Request Chain 26

• https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=1 HTTP 302
• https://as.ad4m.at/ad/dpe?b=CAESEKUUFzMrmBHo_G_FURtLkbw&a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=1&google_cver=1

Request Chain 28

• https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DH5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz%26c%3D9%26b%3DSMART_USER_ID HTTP 302
• https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=9&b=4451335906078104413&gdpr=0&gdpr_consent=

Request Chain 29

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&C=1

Request Chain 30

• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DH5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz%26b%3D%24%7BPUBMATIC%5FUID%7D%26c%3D5 HTTP 302
• https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=${PUBMATIC_UID}&c=5

Request Chain 31

• https://a.twiago.com/rtb/usermatch.php?umid=11&userid=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DH5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz%26b%3D%25userid%25%26c%3D7 HTTP 302
• https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=28d0a99671f6c24381fce4d60dc70f8fd0fbe6879e399c077c421dc39b182&c=7

Request Chain 62

• https://ad.ad-srv.net/retarget?a=61152&version=1 HTTP 302
• https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1

Request Chain 70

• https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
• https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 71

• https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent= HTTP 302
• https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1&

Request Chain 91

• https://x.bidswitch.net/sync?dsp_id=305&user_id=76678da07dfb616f&expires=90&gdpr=&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=305&user_id=76678da07dfb616f&expires=90&gdpr=&gdpr_consent= HTTP 302
• https://cm2.adform.net/pixel?adform_pid=3&adform_pc=ed32cea9-dd9c-4bbd-b544-744ee29a387e&adform_v=1

Request Chain 106

• https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CPf89NLr9IQDFVHLwgQdTsMODA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CPf89NLr9IQDFVHLwgQdTsMODA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 108

• https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CLWE9dLr9IQDFYLIwgQdIBcO8A;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLWE9dLr9IQDFYLIwgQdIBcO8A;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 109

• https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= HTTP 302
• https://secure.adnxs.com/seg?add=19609390&t=2

Request Chain 110

• https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 HTTP 302
• https://imagesrv.adition.com/1x1.gif

Request Chain 111

• https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 HTTP 302
• https://imagesrv.adition.com/1x1.gif

Request Chain 117

• https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1710456672496&u_scsid=4831f279-a000-4cc7-917e-db88fec947aa&u_sclid=87b4a765-afe9-45d9-9be2-f23a0dcac5ef HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710369875565%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710369875565%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://tr.snapchat.com/cm/p?rand=1710369875565&pnid=140&pcid=a6c996fc-90b4-4d38-a22a-f2d6e44b02dc

Request Chain 127

• https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
• https://s2.adform.net/banners/scripts/st/trackpoint-async.js

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ian-baltimore-bold-nest.trycloudflare.com/	382 KB 64 KB	1248ms 1180ms	Document text/html	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e09aa35ee93b650dbe270a29bfd840e2e7b14b15f49a8a12a5c2796ba82b5fe3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 7653 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 8647d393483339d5-YYZ content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 14 Mar 2024 22:51:07 GMT link </web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css>; rel="preload"; as="style",</web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.js>; rel="preload"; as="script" server cloudflare vary Accept-Encoding x-content-digest en7a500e056ca0bf91a1ddc6972683077453a39fe04921dfc2860042a7ad2e7cc0
GET H2	200	1692796603_bcbf665a891bf5233d29d502c460619c.css ian-baltimore-bold-nest.trycloudflare.com/web/cache/	459 KB 63 KB	243ms 242ms	Stylesheet text/css	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17760a0cd51b8367ec3b19f97c917f73909962d1580beb0e1a1e33cdc001d878 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:07 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag W/"64e60698-72d66" vary Accept-Encoding content-type text/css cache-control max-age=31104000, public cf-ray 8647d39abec739d5-YYZ expires Sun, 09 Mar 2025 22:51:07 GMT
GET H2	200	1692796603_bcbf665a891bf5233d29d502c460619c.js Show response ian-baltimore-bold-nest.trycloudflare.com/web/cache/	697 KB 192 KB	274ms 273ms	Script application/javascript	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e600b32edaf67e8eff8248600b067b5c3883a66b6d3b4e307a63db27a6d40d4 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:07 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:21 GMT server cloudflare etag W/"64e606a5-ae346" vary Accept-Encoding content-type application/javascript cache-control max-age=31104000, public cf-ray 8647d39abec939d5-YYZ expires Sun, 09 Mar 2025 22:51:07 GMT
GET H2	200	livebuy-sdk.js Show response sdk.livebuy.io/	37 KB 12 KB	191ms 30ms	Script text/javascript	2600:9000:2514:8a00:16:c2fc:5a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.livebuy.io/livebuy-sdk.js Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:8a00:16:c2fc:5a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a7739987a17e44a05fbd7b6f8b3fc5a9c8f1bf5ce5b51352b7933c739eb2041f Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:49:14 GMT content-encoding br via 1.1 6379820fbac3eca5570c58b520f7931e.cloudfront.net (CloudFront) last-modified Thu, 14 Mar 2024 13:28:25 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 age 142 x-amz-server-side-encryption AES256 etag W/"665e64f9d995fde3e48d4ae29a8b0abf" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=300 x-amz-cf-id 9sgBM6I7D5qkT_yk2UTnq6DHV_SL6XZ01zKTcireID8eR4Y4J7xtVw==
GET H2	200	arrow-right-white.svg www.herthashop.de/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/	1 KB 622 B	1215ms 114ms	Image image/svg+xml	116.203.183.219 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.herthashop.de/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-right-white.svg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.203.183.219 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS s42e39.meinserver.io Software nginx / Resource Hash b4365977c5e2a1b441c86ccd1e708d6915adde68c9bc6a79bbd6cdae2797da3a Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT content-encoding br last-modified Wed, 23 Aug 2023 13:16:08 GMT server nginx etag W/"64e60698-400" vary Accept-Encoding content-type image/svg+xml cache-control max-age=31104000 expires Sun, 09 Mar 2025 22:51:08 GMT
GET H2	200	header-logo2021.svg ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/logos/	11 KB 4 KB	277ms 277ms	Image image/svg+xml	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/logos/header-logo2021.svg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a83308794097fbcd7f4421871a8bbf24ac06c5d682d7197a5a2ea6fe509e7a19 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:07 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag W/"64e60698-2ab7" vary Accept-Encoding content-type image/svg+xml cache-control max-age=31104000 cf-ray 8647d39aced439d5-YYZ expires Sun, 09 Mar 2025 22:51:07 GMT
GET H/1.1	200 OK	Sky_4C.png os1.meinecloud.io/b10088/media/image/ac/37/1d/	177 KB 178 KB	1256ms 111ms	Image image/png	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/ac/37/1d/Sky_4C.png Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash ed09a0e4d038db97f15530255fbefcc75d593bebdae50926f65b5f06ffa8b7a2 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Mon, 12 Oct 2020 11:57:06 GMT Server MinIO X-Amz-Request-Id 17BCC347285CCA9D ETag "08e372c9b40fe79fd404ae962db798a8" Vary Origin Content-Type image/png Cache-Control public,max-age=31536000 Accept-Ranges bytes Content-Length 181197 X-Xss-Protection 1; mode=block x-amz-meta-mc-attrs atime:1602451016#152470586/gid:5005/gname:client1/mode:33188/mtime:1565766823#274995463/uid:5005/uname:web2
GET H2	200	12811.js Show response www.dwin1.com/	51 KB 14 KB	104ms 28ms	Script application/javascript	2600:9000:2209:6400:f:8ce2:fb80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.dwin1.com/12811.js Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2209:6400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 146329c1b59dabb778851e68ca40bad6196ce49a3473f0ec50c65a13f757f793 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id ea8B.d5s.CJ4s97a41LOfPL_Vq2MrWYB content-encoding gzip via 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront) date Thu, 14 Mar 2024 22:41:22 GMT x-amz-cf-pop EWR53-P1 age 586 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 13 Mar 2024 14:28:35 GMT server AmazonS3 etag W/"a6a4d9487c6ff1982ec9ebab8ec6c554" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=600, s-maxage=600 x-amz-cf-id mV-_WIHnDg_2X-N51mvWDbnLAMebZoXyuVS-52SwWRj_-k7rtDlxnQ==
GET H2	200	Hertha-Regular.woff2 ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/	47 KB 47 KB	265ms 264ms	Font font/woff2	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/Hertha-Regular.woff2 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d2210032d52924e367f3a5f5353ab2946b1c1401cf255ab95a21ce31ae7c9a8 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Origin https://ian-baltimore-bold-nest.trycloudflare.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:07 GMT cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag "64e60698-bc5c" vary Accept-Encoding content-type font/woff2 cache-control max-age=31104000 accept-ranges bytes cf-ray 8647d39d3d0c39d5-YYZ content-length 48220 expires Sun, 09 Mar 2025 22:51:07 GMT
GET H2	200	shopware.woff ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/	69 KB 69 KB	250ms 248ms	Font font/woff	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/shopware.woff Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 499e8db4de7463aade473f0c529c839547c9679e9b483e76944a39b4d922dcfe Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Origin https://ian-baltimore-bold-nest.trycloudflare.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:07 GMT cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag "64e60698-113d0" vary Accept-Encoding content-type font/woff cache-control max-age=31104000 accept-ranges bytes cf-ray 8647d39d3d1239d5-YYZ content-length 70608 expires Sun, 09 Mar 2025 22:51:07 GMT
GET H2	200	Hertha-Black.woff2 ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/	50 KB 50 KB	509ms 509ms	Font font/woff2	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/Hertha-Black.woff2 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 789c9865060b0970be7f897767b0f2c32254c8ed3724394bd05035eb523cd255 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Origin https://ian-baltimore-bold-nest.trycloudflare.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag "64e60698-c734" vary Accept-Encoding content-type font/woff2 cache-control max-age=31104000 accept-ranges bytes cf-ray 8647d39d3d1439d5-YYZ content-length 50996 expires Sun, 09 Mar 2025 22:51:08 GMT
GET H2	200	refreshStatistic Show response ian-baltimore-bold-nest.trycloudflare.com/widgets/index/ Frame 1845	0 312 B	476ms 474ms	Document text/html	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/widgets/index/refreshStatistic?requestPage=%2F&requestController=index Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private cf-cache-status DYNAMIC cf-ray 8647d39dadfc39d5-YYZ content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 14 Mar 2024 22:51:08 GMT expires -1 pragma no-cache server cloudflare vary Accept-Encoding x-body-eval ESI x-robots-tag noindex
GET		zanox.js static.zanox.com/scripts/	0 0
GET H2	200	m8f5fech.js Show response ad4m.at/	27 KB 11 KB	125ms 49ms	Script application/javascript	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/m8f5fech.js Requested by Host: www.dwin1.com URL: https://www.dwin1.com/12811.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 601a009aea5454d6bd14ea7f92c7e0e663054a9c3c16b5e0190e8d16bfe902ba Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:07 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 Jan 2024 10:47:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 108403 etag W/"d64cbfe42c21cb4689f9bb2032acc83b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tm%2B%2B%2BUHIqH0RbJkrqZbsIqimypakqD67mQduuRENqTP4knnVhGctXEhstYweeyJDcWhOWBS7%2Bid1ZK4ixFckrhDFpLF9fIawLa%2F4M25CI3Ti5QlM6Z8X9L63iQe11SjvOU1QfT0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 8647d39e49a34286-EWR alt-svc h3=":443"; ma=86400 expires Wed, 13 Mar 2024 16:44:24 GMT
GET H/1.1	200 OK	d65a51381a.js Show response tm.ad-srv.net/tm/a/container/init/	12 KB 3 KB	664ms 142ms	Script application/javascript	46.4.92.215 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData2136944516307&rnd=56306451 Requested by Host: www.dwin1.com URL: https://www.dwin1.com/12811.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.92.215 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.215.92.4.46.clients.your-server.de Software nginx / Resource Hash 845f5ef060dda7d333d989c1a854ed2c761914d7f7577669f060b2f3a40293ef Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 Mar 2024 22:51:08 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Expires 0
GET H2	200	bounce.min.js Show response api.bounce-commerce.de/	2 KB 1 KB	675ms 124ms	Script application/javascript	2a01:4f8:272:50e8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.bounce-commerce.de/bounce.min.js Requested by Host: www.dwin1.com URL: https://www.dwin1.com/12811.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.24.0 / Resource Hash 529719c177311bb9f345c442bf5b3039567392929670474949689f242beda4b1 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT content-encoding gzip last-modified Sun, 08 Oct 2023 11:48:43 GMT server nginx/1.24.0 etag W/"6522971b-932" content-type application/javascript; charset=utf-8 cache-control max-age=604800, public expires Thu, 21 Mar 2024 22:51:08 GMT
GET H2	200	lantern_global_12811.min.js Show response lantern.roeyecdn.com/	2 KB 2 KB	88ms 27ms	Script application/octet-stream	2600:9000:24f1:5000:1f:af3f:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lantern.roeyecdn.com/lantern_global_12811.min.js Requested by Host: www.dwin1.com URL: https://www.dwin1.com/12811.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f1:5000:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e2ebb3c55d0f8bc1b36c90cbd3ed0b9c3ccef79fd248057353af43aaebc6651e Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id pLifxHyHj2xZqbEwwo_mnLHaSmjsS.y9 date Thu, 14 Mar 2024 08:55:28 GMT via 1.1 25c8a58d4773aeef98fa0f0f950689bc.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 12:17:12 GMT server AmazonS3 x-amz-cf-pop JFK50-P4 age 50140 etag "6cc07e76ec9b99d1bea2f430101b99b1" x-cache Hit from cloudfront content-type application/octet-stream content-length 1810 x-amz-cf-id 7fW633Ftu2EbvlT0qcycKKWQxWsByREZNFiwIDij2k2tTLkqC17kSQ==
GET H2	200	track.php lantern.roeye.com/	0 127 B	318ms 101ms	Image image/gif	54.72.24.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://lantern.roeye.com/track.php?fingerprint=&referrer=&landingpage=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&site=12811 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.24.4 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-24-4.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT server nginx content-length 0 content-type image/gif
GET H2	200	cookie-frame.html Show response ad4m.at/ Frame CA1C	2 KB 1 KB	46ms 45ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/cookie-frame.html Requested by Host: ad4m.at URL: https://ad4m.at/m8f5fech.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 103863 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400 cf-cache-status HIT cf-ray 8647d39eaa0c4286-EWR content-encoding br content-language en content-type text/html date Thu, 14 Mar 2024 22:51:07 GMT expires Fri, 01 Mar 2024 10:21:10 GMT last-modified Tue, 28 Nov 2023 11:49:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IcKBzpBaOZ5eqL8Pd3Brb3859OtiigKCBQEahx7mPDZWyXE0EgqRMiAIo0YHWna%2Bt8rK19dDpLmr0BwyD8rUqDyuWyPEX1gkWmU5iWcIjrtKzgcCj683e0iLT9ULao%2FqQ8aOaE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	gdpr=0;dc_pre=CP6X7tDr9IQDFV7HwgQdVr0MAg;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1? https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CP6X7tDr9IQDFV7HwgQdVr0MAg;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o... https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP6X7tDr9IQDFV7HwgQdVr0MAg;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1	42 B 107 B	190ms 115ms	Image image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP6X7tDr9IQDFV7HwgQdVr0MAg;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 14 Mar 2024 22:51:08 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"14121592731592837188"}],"aggregatable_trigger_data":[{"filters":{"14":["6726761"]},"key_piece":"0xf5082b067caa3432","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x1095b4e31aac5d3a","not_filters":{"14":["6726761"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6726761"]},"key_piece":"0xd299bc44766c7e53","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x56c84a75042854b","not_filters":{"14":["6726761"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"13479978301949373963","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14121592731592837188","filters":{"14":["6726761"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"14121592731592837188","filters":{"14":["6726761"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"14121592731592837188","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"14121592731592837188","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8219325"]}} x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type image/png location https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP6X7tDr9IQDFV7HwgQdVr0MAg;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 access-control-allow-origin * cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ track.adform.net/Serving/TrackPoint/ Redirect Chain https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=| https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|	35 B 518 B	129ms 127ms	Image image/gif	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=| Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type image/gif access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1 Redirect headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type text/html; charset=utf-8 location https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=| access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H2	200	gdpr=0;dc_pre=CP2g7tDr9IQDFUfHwgQdM5EBAQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1? https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CP2g7tDr9IQDFUfHwgQdM5EBAQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o... https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP2g7tDr9IQDFUfHwgQdM5EBAQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1	42 B 401 B	173ms 114ms	Image image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP2g7tDr9IQDFUfHwgQdM5EBAQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 14 Mar 2024 22:51:08 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"10064900676032581059"}],"aggregatable_trigger_data":[{"filters":{"14":["3313423"]},"key_piece":"0x27ba1173316a04c3","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x29d6393523214fa6","not_filters":{"14":["3313423"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["3313423"]},"key_piece":"0x1e8e8ccf5a8feaf0","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x2a593753ddb9d3bb","not_filters":{"14":["3313423"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"1895023922458661278","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10064900676032581059","filters":{"14":["3313423"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"10064900676032581059","filters":{"14":["3313423"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"10064900676032581059","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"10064900676032581059","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["5252003"]}} x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type image/png location https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CP2g7tDr9IQDFUfHwgQdM5EBAQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 access-control-allow-origin * cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= https://secure.adnxs.com/seg?add=19609390&t=2 https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2	43 B 1 KB	42ms 42ms	Image image/gif	68.67.160.24 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:09 GMT an-x-request-uuid a35f3055-dd30-44da-95f5-cc45f4c9a5a8 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 96.9.246.196; 96.9.246.196; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT an-x-request-uuid c53bc302-c78c-4997-aae9-f12be392436f server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2 x-proxy-origin 96.9.246.196; 96.9.246.196; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	1x1.gif imagesrv.adition.com/ Redirect Chain https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 https://imagesrv.adition.com/1x1.gif	68 B 178 B	334ms 103ms	Image image/gif	217.79.188.60 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://imagesrv.adition.com/1x1.gif Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS imagesrv.adition.com Software / Resource Hash 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin * date Thu, 14 Mar 2024 22:51:08 GMT last-modified Fri, 24 Jul 2009 13:46:10 GMT accept-ranges bytes etag "3122740758" content-length 68 content-type image/gif Redirect headers location https://imagesrv.adition.com/1x1.gif access-control-allow-origin * date Thu, 14 Mar 2024 23:51:08 +0100 content-type text/plain server ADITIONSERVER v1.0 p3p policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	1x1.gif imagesrv.adition.com/ Redirect Chain https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 https://imagesrv.adition.com/1x1.gif	68 B 103 B	335ms 104ms	Image image/gif	217.79.188.60 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://imagesrv.adition.com/1x1.gif Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS imagesrv.adition.com Software / Resource Hash 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin * date Thu, 14 Mar 2024 22:51:08 GMT last-modified Fri, 24 Jul 2009 13:46:10 GMT accept-ranges bytes etag "3122740758" content-length 68 content-type image/gif Redirect headers location https://imagesrv.adition.com/1x1.gif access-control-allow-origin * date Thu, 14 Mar 2024 23:51:08 +0100 content-type text/plain server ADITIONSERVER v1.0 p3p policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	/ track.adform.net/Serving/TrackPoint/	35 B 519 B	131ms 128ms	Image image/gif	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=| Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type image/gif access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H2	204	dst as.ad4m.at/ad/	0 537 B	154ms 125ms	Image text/plain	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://as.ad4m.at/ad/dst?a=1939&b=2&c=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&e=17916&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT strict-transport-security max-age=86400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} via 1.1 google cross-origin-embedder-policy unsafe-none surrogate-control no-store cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin server cloudflare cross-origin-opener-policy unsafe-none x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 8647d3a24e674286-EWR expires 0
GET H3	200	dpe as.ad4m.at/ad/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=1 https://as.ad4m.at/ad/dpe?b=CAESEKUUFzMrmBHo_G_FURtLkbw&a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=1&google_cver=1	0 582 B	129ms 128ms	Image text/plain	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://as.ad4m.at/ad/dpe?b=CAESEKUUFzMrmBHo_G_FURtLkbw&a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=1&google_cver=1 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H3 Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT strict-transport-security max-age=86400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} via 1.1 google cross-origin-embedder-policy unsafe-none surrogate-control no-store cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin server cloudflare cross-origin-opener-policy unsafe-none x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 8647d3a3ef7c43c8-EWR expires 0 Redirect headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://as.ad4m.at/ad/dpe?b=CAESEKUUFzMrmBHo_G_FURtLkbw&a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=1&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 317 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tpui ih.adscale.de/	0 38 B	372ms 108ms	Image text/plain	18.195.92.168 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/tpui?tpid=25&tpuid=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DH5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz%26b%3D__ADSCALE_USER_ID__%26c%3D6 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.92.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-92-168.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT content-length 0
GET H3	200	dpe as.ad4m.at/ad/ Redirect Chain https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DH5IihPTO4ByGgBGBZ... https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=9&b=4451335906078104413&gdpr=0&gdpr_consent=	0 547 B	130ms 129ms	Image text/plain	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=9&b=4451335906078104413&gdpr=0&gdpr_consent= Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H3 Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:09 GMT strict-transport-security max-age=86400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} via 1.1 google cross-origin-embedder-policy unsafe-none surrogate-control no-store cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin server cloudflare cross-origin-opener-policy unsafe-none x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 8647d3a5799643c8-EWR expires 0 Redirect headers location https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&c=9&b=4451335906078104413&gdpr=0&gdpr_consent= pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H2	200	rum dsum-sec.casalemedia.com/ Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&C=1	43 B 340 B	58ms 52ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&C=1 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzX7GV0tmQXy%2BNXZ2BeNtKu4NSuMU8Ye5fNzyqnTE59z410P%2BaZGLOuo0FB7zZqT0KfkRYN0To2F1GGyleznAXYIxxDqPvfBzI032HY1ngMBvzEUTtug4REEVU3SCs%2FwaoADnt%2BxKKfAZw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8647d3a438e454a9-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsiMeyyeKEyDiircI%2Bu43qQNouYD303mcnOMkUk61sJLFws3A9q1N1nW4ynqzO%2FAzqTBMFwajgZuXHC2BsgT%2Flu2ZSvekfaiW5s0CUbaABjtm1Jgm2kd2MP8Js69OXyTbTXNRXLXmWqPKg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=5&external_user_id=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&C=1 cache-control no-cache cf-ray 8647d3a3d85854a9-YYZ alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	dpe as.ad4m.at/ad/ Redirect Chain https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DH5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz%26b%3D%24%7BPUBMATIC%5FUID%... https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=${PUBMATIC_UID}&c=5	0 546 B	127ms 126ms	Image text/plain	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=${PUBMATIC_UID}&c=5 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H3 Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT strict-transport-security max-age=86400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} via 1.1 google cross-origin-embedder-policy unsafe-none surrogate-control no-store cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin server cloudflare cross-origin-opener-policy unsafe-none x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 8647d3a43fef43c8-EWR expires 0 Redirect headers location https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=${PUBMATIC_UID}&c=5 date Thu, 14 Mar 2024 22:51:08 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H3	200	dpe as.ad4m.at/ad/ Redirect Chain https://a.twiago.com/rtb/usermatch.php?umid=11&userid=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DH5IihPTO4ByGg... https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=28d0a99671f6c24381fce4d60dc70f8fd0fbe6879e399c077c421dc39b182&c=7	0 546 B	128ms 128ms	Image text/plain	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=28d0a99671f6c24381fce4d60dc70f8fd0fbe6879e399c077c421dc39b182&c=7 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H3 Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:09 GMT strict-transport-security max-age=86400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} via 1.1 google cross-origin-embedder-policy unsafe-none surrogate-control no-store cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin server cloudflare cross-origin-opener-policy unsafe-none x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 8647d3a7bc0e43c8-EWR expires 0 Redirect headers location https://as.ad4m.at/ad/dpe?a=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&b=28d0a99671f6c24381fce4d60dc70f8fd0fbe6879e399c077c421dc39b182&c=7 date Thu, 14 Mar 2024 22:51:09 GMT p3p policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM" server Apache x-powered-by PHP/7.3.29 content-type text/html; charset=UTF-8
GET H2	200	nl-grafik.png ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/newsletter/	14 KB 14 KB	260ms 260ms	Image image/png	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/newsletter/nl-grafik.png Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d09124716d088f15fa8383e2c1b58e07f4705e2997ca5869ba32b06ee7ee83c Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag "64e60698-3839" vary Accept-Encoding content-type image/png cache-control max-age=31104000 accept-ranges bytes cf-ray 8647d39fca3839d5-YYZ content-length 14393 expires Sun, 09 Mar 2025 22:51:08 GMT
GET H2	200	csrftoken Show response ian-baltimore-bold-nest.trycloudflare.com/	0 166 B	536ms 535ms	XHR text/html	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ian-baltimore-bold-nest.trycloudflare.com/csrftoken Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://ian-baltimore-bold-nest.trycloudflare.com/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:08 GMT content-encoding gzip cf-cache-status DYNAMIC x-csrf-token ejxzds74B6qmDeNxrUeCwD7mZdGdmQ server cloudflare vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, private cf-ray 8647d39fca4439d5-YYZ expires -1
GET H2	200	arrow-left-white.svg ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/	1015 B 520 B	292ms 291ms	Image image/svg+xml	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-left-white.svg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba9a6e89c840085bbe46a1427b2dfbf79ba7db337aaa7f4079b950c23d871fc7 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag W/"64e60698-3f7" vary Accept-Encoding content-type image/svg+xml cache-control max-age=31104000 cf-ray 8647d3a01b0a39d5-YYZ expires Sun, 09 Mar 2025 22:51:08 GMT
GET H2	200	arrow-right-white.svg ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/	1 KB 517 B	293ms 292ms	Image image/svg+xml	104.17.124.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ian-baltimore-bold-nest.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-right-white.svg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4365977c5e2a1b441c86ccd1e708d6915adde68c9bc6a79bbd6cdae2797da3a Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:08 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 13:16:08 GMT server cloudflare etag W/"64e60698-400" vary Accept-Encoding content-type image/svg+xml cache-control max-age=31104000 cf-ray 8647d3a01b0b39d5-YYZ expires Sun, 09 Mar 2025 22:51:08 GMT
GET H/1.1	200 OK	Neu_BasicKollektion_1zu1_800x800.webp os1.meinecloud.io/b10088/media/image/e0/3b/39/	75 KB 76 KB	399ms 111ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/e0/3b/39/Neu_BasicKollektion_1zu1_800x800.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash e6c982dd88cde2821f1b7f417edbfe5fe4cf23fd672d4f0014c5900fa87abca1 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Wed, 14 Feb 2024 14:43:03 GMT Server MinIO X-Amz-Request-Id 17BCC34713AF29C2 ETag "016764b00eb62792a01a34b4f537711c" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 77256 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	BabyKit_1zu1_800x800.webp os1.meinecloud.io/b10088/media/image/30/21/6e/	61 KB 61 KB	400ms 111ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/30/21/6e/BabyKit_1zu1_800x800.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 532982fd02277343b04584681b645a81108e62cdf17fd83cecc9d7d9ba6cb374 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Wed, 14 Feb 2024 14:50:26 GMT Server MinIO X-Amz-Request-Id 17BCC34713B4F1E1 ETag "6b689da031b6ea06d54c04cadbb6500c" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 62462 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Ostern_Shopslider_1920x860lBJel6gwKtNSv.jpg os1.meinecloud.io/b10088/media/image/11/52/eb/	785 KB 786 KB	400ms 113ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/11/52/eb/Ostern_Shopslider_1920x860lBJel6gwKtNSv.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash db05a784f6f30945e8ed4bfd4538181e880e7e415adf9149e3b90a84c58a68fc Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Thu, 14 Mar 2024 15:20:42 GMT Server MinIO X-Amz-Request-Id 17BCC34713A76BEC ETag "cd6c0fa6667992f4deae2c63eed9c712" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 803964 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Beige_Shopslider_1920x860.jpg os1.meinecloud.io/b10088/media/image/42/7f/13/	576 KB 576 KB	119ms 118ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/42/7f/13/Beige_Shopslider_1920x860.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 27e0e7d6aaf8796a778e61c3ae3295379ab7aaf723d0c9e05480f3dbd36194d0 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Thu, 07 Mar 2024 15:18:54 GMT Server MinIO X-Amz-Request-Id 17BCC3472B73FC9D ETag "67fe18a08f4467d04a4a76f37cfeacb7" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 589759 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Auswaerts_Shopslider_1920x860.jpg os1.meinecloud.io/b10088/media/image/cc/37/63/	543 KB 544 KB	123ms 122ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/cc/37/63/Auswaerts_Shopslider_1920x860.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 6bde2c9674253ea6ddc78eb6b7a02df73e1c15c1672a505695c5969c04707e61 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Mon, 04 Mar 2024 11:20:00 GMT Server MinIO X-Amz-Request-Id 17BCC3472D100395 ETag "2f1acc74fb9d32339a43fa7a87bb3c75" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 556502 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Bademantel_Shopslider_1920x860.jpg os1.meinecloud.io/b10088/media/image/a1/a8/8d/	500 KB 501 KB	115ms 114ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/a1/a8/8d/Bademantel_Shopslider_1920x860.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 48268935cad40851758adadd88ab02cc3aae471449567fd996629c0eed45eb16 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Fri, 16 Feb 2024 15:13:15 GMT Server MinIO X-Amz-Request-Id 17BCC3472E0707EF ETag "5195ed529233790f41cd8e7ad7b76ec3" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 512193 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Ausweich_Shopslider_1920x860-2.jpg os1.meinecloud.io/b10088/media/image/23/2d/46/	525 KB 525 KB	112ms 112ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/23/2d/46/Ausweich_Shopslider_1920x860-2.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 409f1e2bf01d1be1eb2c8b4e84d33d88723f3fc4e10d8070d7d79673cb2d3bb9 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Thu, 22 Feb 2024 17:46:37 GMT Server MinIO X-Amz-Request-Id 17BCC3472E094351 ETag "cfc304cc785ac0e12f9ed229a7c4f99e" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 537270 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Ostern_Slider_Mobile_750x1060_2sdSz02CLDgbmU.jpg os1.meinecloud.io/b10088/media/image/0b/5b/29/	507 KB 508 KB	117ms 117ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/0b/5b/29/Ostern_Slider_Mobile_750x1060_2sdSz02CLDgbmU.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash c4b2b3b9f92ec8c0afe306dfba55d9018085f2b72d935958fe05213b09077a74 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Thu, 14 Mar 2024 15:20:19 GMT Server MinIO X-Amz-Request-Id 17BCC3473630EB4A ETag "6867649569bbb228f447e2d1afbeb20d" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 519666 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Beige_Slider_Mobile_750x1060_2.jpg os1.meinecloud.io/b10088/media/image/e1/35/86/	326 KB 327 KB	110ms 109ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/e1/35/86/Beige_Slider_Mobile_750x1060_2.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash a3c040d2de4a846195cc845cc533d841efb29daee92f289e1a9b8f08406b2038 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Thu, 07 Mar 2024 15:18:52 GMT Server MinIO X-Amz-Request-Id 17BCC34744A8692A ETag "7e6d660f180f354a3bebc97b3e3b5841" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 334235 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Auswaerts_Slider_Mobile_750x1060.jpg os1.meinecloud.io/b10088/media/image/f3/1c/8b/	334 KB 334 KB	118ms 118ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/f3/1c/8b/Auswaerts_Slider_Mobile_750x1060.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 1b5bcd16813ac0c7349f0171d2f12808ba03d5a1da168dd705594db1fe57ed30 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Mon, 04 Mar 2024 11:19:59 GMT Server MinIO X-Amz-Request-Id 17BCC347498C4662 ETag "a2cb3708558a16362aea776838b136f7" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 341552 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Bademantel_Slider_Mobile_750x1060.jpg os1.meinecloud.io/b10088/media/image/cc/46/56/	387 KB 387 KB	136ms 136ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/cc/46/56/Bademantel_Slider_Mobile_750x1060.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash e406821af63fa0dabbf6f34a49e4eeb5126da475647725063c6535b0be2df2b3 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Fri, 16 Feb 2024 15:13:12 GMT Server MinIO X-Amz-Request-Id 17BCC3474BFB2A08 ETag "fb4e46e2afbeacc055765785eee8ec0a" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 395914 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Ausweich_Slider_Mobile_750x1060-2.jpg os1.meinecloud.io/b10088/media/image/08/aa/de/	301 KB 302 KB	131ms 130ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/08/aa/de/Ausweich_Slider_Mobile_750x1060-2.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 4b40a260b5ffc639db67efd2a3c0fedebe19fa7708a4e252c5965d5703f939d2 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Thu, 22 Feb 2024 17:46:34 GMT Server MinIO X-Amz-Request-Id 17BCC3474C183C25 ETag "b49c89bf5c1f26c1785608ce8bdae301" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 308674 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Ostern_Shop_Slider_TabletuiAr8PTW9Q9ux.jpg os1.meinecloud.io/b10088/media/image/3a/b0/2e/	195 KB 196 KB	130ms 130ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/3a/b0/2e/Ostern_Shop_Slider_TabletuiAr8PTW9Q9ux.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 5ca709589beefc436530a14ff982e237365fb415b5316aac7636c59648c8979d Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Thu, 14 Mar 2024 15:20:59 GMT Server MinIO X-Amz-Request-Id 17BCC3474F87AC9E ETag "fdebecbd19978af99df50ca8a1026aec" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 199926 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Beige_Shop_Slider_Tablet.jpg os1.meinecloud.io/b10088/media/image/ef/57/2e/	150 KB 150 KB	128ms 125ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/ef/57/2e/Beige_Shop_Slider_Tablet.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 016d9e41f064e10cbed4d34e7724cddd2157cf3e5679432a0a771d5126212190 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Thu, 07 Mar 2024 15:18:55 GMT Server MinIO X-Amz-Request-Id 17BCC3475157D79E ETag "8367de693be49ebcd1a88c86df3b82f4" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 153506 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Auswaerts_Shop_Slider_Tablet.jpg os1.meinecloud.io/b10088/media/image/a5/7b/21/	153 KB 154 KB	131ms 130ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/a5/7b/21/Auswaerts_Shop_Slider_Tablet.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 4fcdd5a4b13af795aca1ac84eec4f1a19f9c29e43491987001614feb765a8a71 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Mon, 04 Mar 2024 11:20:01 GMT Server MinIO X-Amz-Request-Id 17BCC3475158D2D4 ETag "c199da9f3a1147ee333e3408605c57bc" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 156951 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Bademantel_Shop_Slider_Tablet.jpg os1.meinecloud.io/b10088/media/image/16/ff/31/	136 KB 137 KB	128ms 128ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/16/ff/31/Bademantel_Shop_Slider_Tablet.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash b2a72282fbe8353bbf9b0bbdf21fd6196789f06a431f641f88f9267c44a52340 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Fri, 16 Feb 2024 15:13:17 GMT Server MinIO X-Amz-Request-Id 17BCC347515951DC ETag "a5bbc1142dd8786705e3cda6a8ad3a56" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 139617 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	Ausweich_Shop_Slider_Tablet.jpg os1.meinecloud.io/b10088/media/image/b1/04/72/	134 KB 135 KB	137ms 137ms	Image image/jpeg	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/b1/04/72/Ausweich_Shop_Slider_Tablet.jpg Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 324d189729bc3d44c78309768ed1d6b907ee7f8fe3beed6a5d424a2b98b686f3 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:09 GMT Last-Modified Thu, 22 Feb 2024 17:46:39 GMT Server MinIO X-Amz-Request-Id 17BCC3475783E707 ETag "b351e410f4a8ffbf3a454eb2f957917f" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 137328 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	230125-1mM1vIqEl3YBsS_400x400.webp os1.meinecloud.io/b10088/media/image/53/12/58/	16 KB 17 KB	609ms 113ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/53/12/58/230125-1mM1vIqEl3YBsS_400x400.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 764009519b1c7b7d83c84cdc09d8050c02737ecb5733657395816f1d34eba0e1 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Wed, 31 Jan 2024 10:51:04 GMT Server MinIO X-Amz-Request-Id 17BCC34722182F3C ETag "30281741544066c7a16b3aeb33b2f899" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 16726 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	230125-3sbvpEs6isMCqZ5_400x400.webp os1.meinecloud.io/b10088/media/image/b3/a4/0f/	15 KB 15 KB	599ms 112ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/b3/a4/0f/230125-3sbvpEs6isMCqZ5_400x400.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash f185ccece80e456068a42622ceb9e695a4c45ed1039f7e66f0c6687f45df100b Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Wed, 31 Jan 2024 10:51:22 GMT Server MinIO X-Amz-Request-Id 17BCC347218884EB ETag "becaf854a8856f42053ea9029747d1f5" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 14876 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	hbsc_graffiti_stadiontasche_400x400.webp os1.meinecloud.io/b10088/media/image/c3/51/28/	15 KB 15 KB	370ms 115ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/c3/51/28/hbsc_graffiti_stadiontasche_400x400.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 0fc00b376a1e3ca0c405f969b1b8bc20d52ff7aad57a89788d53a623d26359c6 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Wed, 24 Jan 2024 12:45:46 GMT Server MinIO X-Amz-Request-Id 17BCC34713BB4AEB ETag "3d262b77fc23a03f4b17d4dbf25a69e8" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 14854 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	hbsc_graffitti_bauchtasche_400x400.webp os1.meinecloud.io/b10088/media/image/88/bb/2b/	16 KB 16 KB	609ms 113ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/88/bb/2b/hbsc_graffitti_bauchtasche_400x400.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash 79834a27024cae65a005d3406236e46858d2c3f0b921ed5c82fb6f2eacbba55b Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Wed, 24 Jan 2024 12:46:45 GMT Server MinIO X-Amz-Request-Id 17BCC347221B26BF ETag "b4ce7ee07acc35c0d3652ec1ea6732a5" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 16320 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	230111-1_400x400.webp os1.meinecloud.io/b10088/media/image/5e/ab/01/	18 KB 18 KB	371ms 114ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/5e/ab/01/230111-1_400x400.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash eb043460025cd1d5204c272941ebbcf83209aef59442c0c232cc178d18d7e6dd Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Fri, 10 Nov 2023 12:58:48 GMT Server MinIO X-Amz-Request-Id 17BCC34713B690F5 ETag "bff1b52f7ea57f304cb658b2b0606521" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 18274 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	230111-2_400x400.webp os1.meinecloud.io/b10088/media/image/42/a7/b5/	17 KB 17 KB	369ms 113ms	Image image/webp	116.203.242.198 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://os1.meinecloud.io/b10088/media/image/42/a7/b5/230111-2_400x400.webp Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS os1.meinecloud.io Software MinIO / Resource Hash b1cb2c8bf4cbdc764c96b68954a23c2f55b38070269f467efd3f16f3c8d8d3f8 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Thu, 14 Mar 2024 22:51:08 GMT Last-Modified Fri, 10 Nov 2023 12:58:58 GMT Server MinIO X-Amz-Request-Id 17BCC34713B7261A ETag "b5a132182f4fe528b85fceb53b79d6c1" Vary Origin Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 17362 X-Xss-Protection 1; mode=block
POST H2	200	request Show response api.bounce-commerce.de/	0 322 B	351ms 117ms	XHR text/html	2a01:4f8:272:50e8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.bounce-commerce.de/request Requested by Host: api.bounce-commerce.de URL: https://api.bounce-commerce.de/bounce.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.24.0 / PHP/8.1.25 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryXyxYjcPsx23pnijv Response headers date Thu, 14 Mar 2024 22:51:08 GMT content-encoding gzip server nginx/1.24.0 x-powered-by PHP/8.1.25 access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	d65a51381a.js Show response tm724.ad-srv.net/tm/a/container/eval/	153 B 467 B	835ms 182ms	Script application/javascript	46.4.92.215 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tm724.ad-srv.net/tm/a/container/eval/d65a51381a.js?sid=t6nabhp04gu9ohe1ekn48hid6a&rnd=24690080&macroData[transactionId]=&macroData[searchTerm]=&macroData[products]=&macroData[productId]=empty&macroData[productDetails]=&macroData[pageType]=homepage&macroData[pageName]=&macroData[orderValue]=&macroData[checkoutStage]=&macroData[categoryId]= Requested by Host: tm.ad-srv.net URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData2136944516307&rnd=56306451 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.92.215 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.215.92.4.46.clients.your-server.de Software nginx / Resource Hash c3612bfa514fee772a749b270d8da589503293eb1f845c351f36594c5ca6530c Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 Mar 2024 22:51:09 GMT Server nginx P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 153 Expires 0
GET H/1.1	200 OK	d65a51381a.html Show response tm724.ad-srv.net/tm/a/container/tags/iframe/ Frame 0C0D	1 KB 905 B	492ms 116ms	Document text/html	46.4.92.215 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tm724.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=t6nabhp04gu9ohe1ekn48hid6a Requested by Host: tm.ad-srv.net URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData2136944516307&rnd=56306451 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.92.215 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.215.92.4.46.clients.your-server.de Software nginx / Resource Hash 491ca964d9447b2a25f2136ffc2b5b3135315422292e445949e30e873fe12c72 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 14 Mar 2024 22:51:10 GMT Expires 0 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	retarget Show response ad.ad-srv.net/ Frame DC0E Redirect Chain https://ad.ad-srv.net/retarget?a=61152&version=1 https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1	1 KB 1 KB	390ms 151ms	Document text/html	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1 Requested by Host: tm724.ad-srv.net URL: https://tm724.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=t6nabhp04gu9ohe1ekn48hid6a Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 Lübbecke, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash 2c05d973308df3aa2b22a39d11f73d1e0736d1dce3638714d2b68039bb7676f6 Request headers Referer https://tm724.ad-srv.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection close Content-Encoding gzip Content-Length 657 Content-Type text/html; charset=UTF-8 Date Thu, 14 Mar 2024 22:51:11 GMT Expires Mon, 26 Jul 1997 05:00:00 GMT P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Thu, 14 Mar 2024 22:51:10 GMT Expires Mon, 26 Jul 1997 05:00:00 GMT Location ?a=61152&version=1&redirected=1 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache
GET H2	200	gtm.js Show response www.googletagmanager.com/	292 KB 100 KB	126ms 67ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b10726c4d97d5695daa5b93acc5745d21a99ec102bc094f754baeb8dc5a27e07 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 102419 x-xss-protection 0 last-modified Thu, 14 Mar 2024 21:15:12 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 14 Mar 2024 22:51:10 GMT
GET H2	200	bundle.js Show response app.usercentrics.eu/browser-ui/latest/	622 KB 178 KB	107ms 26ms	Script text/javascript	2600:1901:0:5987:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.usercentrics.eu/browser-ui/latest/bundle.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software UploadServer / Resource Hash 260e294d5a1de5756ebcfba0b0c04f0c1ee0ecd6a9de3bc12037168be53cbadf Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:39:40 GMT content-encoding gzip strict-transport-security max-age=7776000 age 690 x-guploader-uploadid ABPtcPq8X_Ni9L1z9pH7cXLOqxuDpSBQjSVmI2HS4Q_TI_nkIjoOPaDKuCjKttmAl696dkx7Y8w x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 181158 last-modified Thu, 07 Mar 2024 10:49:31 GMT server UploadServer etag "7b61592c25cf693e06301960c9fdafa1" x-goog-generation 1709808571738562 x-goog-hash crc32c=/IkWFw==, md5=e2FZLCXPaT4GMBlgyf2voQ== access-control-allow-origin * access-control-expose-headers Content-Type, Content-Length, Transfer-Encoding cache-control public, max-age=3600, no-transform x-goog-stored-content-length 181158 accept-ranges bytes content-type text/javascript expires Thu, 14 Mar 2024 23:39:40 GMT
OPTIONS H2	200	languages.json api.usercentrics.eu/settings/DQ4q62vv3/latest/ Frame	0 0	237ms 137ms	Preflight text/html	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/settings/DQ4q62vv3/latest/languages.json Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://ian-baltimore-bold-nest.trycloudflare.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,POST,DELETE access-control-allow-origin * access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-length 0 content-type text/html; charset=UTF-8 date Thu, 14 Mar 2024 22:51:10 GMT expires Thu, 14 Mar 2024 22:51:10 GMT server UploadServer strict-transport-security max-age=7776000 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPqjutp9DdMP6mvTT5YLetrx36MVEmDDhveG2ULwvowgnHJJ0Gde2FMaZPv37gTOjvomrUs
GET H2	200	languages.json Show response api.usercentrics.eu/settings/DQ4q62vv3/latest/	76 B 591 B	33ms 29ms	Fetch application/json	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/settings/DQ4q62vv3/latest/languages.json Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 7ee8ca906d61597785e898a6a4e492227006b05b297fc86766d94f7b4f20eac9 Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type application/json Response headers date Thu, 14 Mar 2024 22:50:44 GMT content-encoding gzip strict-transport-security max-age=7776000 age 27 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPov5fa17QKbkHmT9304YJZzelnmGhlrUyyWAnsm2NaMjxq13ipjWpPskpWeq6i_21GKTJo x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69 last-modified Mon, 04 Mar 2024 16:49:57 GMT server UploadServer etag "a843efde233f76067a1d8385eee64406" vary Accept-Encoding x-goog-generation 1709570997632688 x-goog-hash crc32c=4cg/Wg==, md5=qEPv3iM/dgZ6HYOF7uZEBg== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=1800, s-maxage=60 x-goog-stored-content-length 69 accept-ranges bytes content-type application/json expires Thu, 14 Mar 2024 22:51:44 GMT
GET H3	200	de.json Show response api.usercentrics.eu/settings/DQ4q62vv3/latest/	35 KB 9 KB	176ms 157ms	Fetch application/json	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/settings/DQ4q62vv3/latest/de.json Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 4f1e260230fddb17a74c0391d81f426a06cf81bb768ed09837a534ee699b4a30 Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type application/json Response headers date Thu, 14 Mar 2024 22:51:11 GMT content-encoding gzip strict-transport-security max-age=7776000 age 0 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPrJxVuQtFodlOx0OpGumOxT5oGmZHkaCtIyOkgmNPu8A8_yzf2QgutGHhoSbQiPFba5brQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9345 last-modified Mon, 04 Mar 2024 16:49:57 GMT server UploadServer etag "0633d4f800768aec0638dc38a4a8bcce" vary Accept-Encoding x-goog-generation 1709570997627083 x-goog-hash crc32c=w5ca3g==, md5=BjPU+AB2iuwGONw4pKi8zg== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=1800, s-maxage=60 x-goog-stored-content-length 9345 accept-ranges bytes content-type application/json expires Thu, 14 Mar 2024 22:52:11 GMT
OPTIONS H2	200	de.json api.usercentrics.eu/settings/DQ4q62vv3/latest/ Frame	0 0	147ms 147ms	Preflight text/html	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/settings/DQ4q62vv3/latest/de.json Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://ian-baltimore-bold-nest.trycloudflare.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,POST,DELETE access-control-allow-origin * access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-length 0 content-type text/html; charset=UTF-8 date Thu, 14 Mar 2024 22:51:11 GMT expires Thu, 14 Mar 2024 22:51:11 GMT server UploadServer strict-transport-security max-age=7776000 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPpKCGjsEhrp-g-nQtxDBy3zEXoHF62EO-APxf3OI0t4cIJkpnbOfjb-IP4vqmTsRHy5Nw4
GET H2	200	js Show response pixel.mathtag.com/event/ Frame DC0E	161 B 494 B	125ms 47ms	Script text/javascript	151.101.193.91 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/event/js?mt_id=1559605&mt_adid=248420&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1&gdpr=&gdpr_consent= Requested by Host: ad.ad-srv.net URL: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.91 , United States, ASN54113 (FASTLY, US), Reverse DNS Software MT3 1549 cea2cde master ord ord-pixel-x53 config_version:"437" / Resource Hash 98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457 Request headers accept-language en-US,en;q=0.9 Referer https://ad.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0 date Thu, 14 Mar 2024 22:51:11 GMT content-encoding gzip via 1.1 varnish age 0 x-cache MISS p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 165 x-served-by cache-yyz4567-YYZ server MT3 1549 cea2cde master ord ord-pixel-x53 config_version:"437" x-timer S1710456671.378475,VS0,VE19 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control no-cache accept-ranges bytes expires Thu, 14 Mar 2024 22:51:10 GMT
GET H2	200	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/ Frame DC0E Redirect Chain https://track.adform.net/serving/scripts/trackpoint/async/ https://s2.adform.net/banners/scripts/st/trackpoint-async.js	80 KB 31 KB	174ms 63ms	Script application/javascript	185.167.164.44 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: ad.ad-srv.net URL: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1 Protocol H2 Server 185.167.164.44 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d Request headers accept-language en-US,en;q=0.9 Referer https://ad.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:11 GMT content-encoding gzip last-modified Fri, 08 Mar 2024 07:02:31 GMT server nginx x-amz-request-id tx00000bbe73cbd24ef5535-0065eaccdd-3296fce9-default etag W/"1c188eabf1f0749a0cffb2c108473370" x-cache-status HIT, HIT, HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-rgw-object-type Normal cache-control public, max-age=604800 Redirect headers location https://s2.adform.net/banners/scripts/st/trackpoint-async.js date Thu, 14 Mar 2024 22:51:11 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx content-type text/html
GET H/1.1	200 OK	/ Show response ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/ Frame F95F Redirect Chain https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent= https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1&	154 B 499 B	367ms 136ms	Document text/html	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1& Requested by Host: ad.ad-srv.net URL: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 Lübbecke, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash 7b6cdffe87187c2dd3bfc9a898581c31a330198f5109213e0db517243aa6e48f Request headers Referer https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 146 Content-Type text/html; charset=UTF-8 Date Thu, 14 Mar 2024 22:51:11 GMT Server Apache Vary Accept-Encoding Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Thu, 14 Mar 2024 22:51:11 GMT Location ?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1& Server Apache
GET H2	200	cross-domain-bridge.html Show response app.usercentrics.eu/browser-sdk/4.33.2/ Frame 709C	5 KB 1 KB	28ms 26ms	Document text/html	2600:1901:0:5987:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.usercentrics.eu/browser-sdk/4.33.2/cross-domain-bridge.html Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software UploadServer / Resource Hash 8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50 Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * access-control-expose-headers Content-Type Content-Length Transfer-Encoding age 648015 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=2592000, no-transform content-encoding gzip content-length 1123 content-type text/html date Thu, 07 Mar 2024 10:50:56 GMT etag "b2c25d9740f18b153a141e9da7580a09" expires Sat, 06 Apr 2024 10:50:56 GMT last-modified Thu, 07 Mar 2024 10:48:57 GMT server UploadServer strict-transport-security max-age=7776000 x-goog-generation 1709808537497616 x-goog-hash crc32c=XM2Lxw== md5=ssJdl0DxixU6FB6dp1gKCQ== x-goog-metageneration 2 x-goog-storage-class STANDARD x-goog-stored-content-encoding gzip x-goog-stored-content-length 1123 x-guploader-uploadid ABPtcPonOPXBfEQcH4obkHWCR3eiuGVL9IZ_vnhvYBPBApxDkztbYtKVSsvxGwbk7Pkd7Blb13WXFCsIyA
GET H2	200	1px.png app.usercentrics.eu/session/	489 B 824 B	26ms 26ms	Image image/png	2600:1901:0:5987:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://app.usercentrics.eu/session/1px.png?settingsId=DQ4q62vv3 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software UploadServer / Resource Hash 009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741 Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:23:57 GMT content-encoding gzip strict-transport-security max-age=7776000 age 1634 x-guploader-uploadid ABPtcPoSbuj4aIpYWgY8NBAD_ilW0bPN4EDLoZEUMtE8GPgBP6-cg8fluNpjxoyKYRdlRZyIFsVUTtippw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 522 last-modified Fri, 08 May 2020 09:06:13 GMT server UploadServer etag "3702ada73b8951017b8451cbd6a96523" x-goog-generation 1588928773413784 x-goog-hash crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw== content-type image/png cache-control public,max-age=1800,no-transform x-goog-stored-content-length 522 accept-ranges bytes expires Thu, 14 Mar 2024 22:53:57 GMT
GET H3	200	translations-de.json Show response api.usercentrics.eu/translations/	8 KB 3 KB	27ms 27ms	Fetch application/json	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/translations/translations-de.json Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash d4921e6caf1dfe28190143aa7cab9addbed7127f03827e73a7cdc56032c25610 Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type application/json Response headers date Thu, 14 Mar 2024 22:02:17 GMT content-encoding gzip strict-transport-security max-age=7776000 age 2934 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPqjlDE9QzWb3dl_rQLll-IWkeFxcp40XktPzpAVsRLsD5o3JAsKnCptD1BMcN8P5fTa7HY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2875 last-modified Tue, 30 Jan 2024 11:24:22 GMT server UploadServer etag "5f40044b7c98de707f2f938632ef9890" vary Accept-Encoding x-goog-generation 1706613862457759 x-goog-hash crc32c=c2vh+w==, md5=X0AES3yY3nB/L5OGMu+YkA== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400, s-maxage=86400 x-goog-stored-content-length 2875 accept-ranges bytes content-type application/json expires Fri, 15 Mar 2024 22:02:17 GMT
OPTIONS H3	200	translations-de.json api.usercentrics.eu/translations/ Frame	0 0	136ms 136ms	Preflight text/html	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/translations/translations-de.json Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://ian-baltimore-bold-nest.trycloudflare.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,POST,DELETE access-control-allow-origin * access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-length 0 content-type text/html; charset=UTF-8 date Thu, 14 Mar 2024 22:51:11 GMT expires Thu, 14 Mar 2024 22:51:11 GMT server UploadServer strict-transport-security max-age=7776000 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPqrteCQdMvqM0r-xgB11Q2b7hcWJnNWUXl4gZDCJU_8bvmWcUX5NMr0I_TJWHaJ-7Oh908
OPTIONS H2	204	de aggregator.service.usercentrics.eu/aggregate/ Frame	0 0	189ms 109ms	Preflight text/html	2600:1901:0:256b:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://aggregator.service.usercentrics.eu/aggregate/de?templates=9V8bg4D63@9.6.8,B1WMgcNodi-7@4.2.2,BJ59EidsWQ@25.7.28,BJTzqNi_i-m@5.3.8,BJz7qNsdj-7@15.8.17,CguMb4Rq@4.0.4,Gd0bshOBs@12.2.15,H1QMcEsusbm@11.7.8,H1Vl5NidjWX@40.17.44,H1dDqVjOjWX@14.11.12,HHnOG47_6@2.2.2,HJLZqNi_iZQ@7.3.2,HLap0udLC@6.1.5,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,QcD9GVNXZ@1.1.2,S1hmcVouiZm@6.2.2,S1tqOzjaX@5.1.5,SJFe9NousWX@11.10.13,SkPc5EjOsWm@6.2.1,Skj79NodobQ@8.1.3,SyfKc4oOjWQ@10.3.3,SylacVousbm@10.2.0,W-HOHMTVq@5.1.5,XYQZBUojc@9.6.4,bt_SD1xU@2.0.3,ir7QpAGI@1.1.4,njy_AxqKG@3.0.3,rJ99c4oOo-X@7.3.6,rJMsqEj_iZQ@14.6.7,rkUcEjuoWm@16.6.5,twMyStLkn@15.9.15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://ian-baltimore-bold-nest.trycloudflare.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Thu, 14 Mar 2024 22:51:11 GMT server Google Frontend vary Origin, Access-Control-Request-Headers via 1.1 google x-cloud-trace-context b40e8334e9eeb6648960b7527f1f22ed
GET H2	200	de Show response aggregator.service.usercentrics.eu/aggregate/	114 KB 15 KB	27ms 26ms	Fetch application/json	2600:1901:0:256b:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://aggregator.service.usercentrics.eu/aggregate/de?templates=9V8bg4D63@9.6.8,B1WMgcNodi-7@4.2.2,BJ59EidsWQ@25.7.28,BJTzqNi_i-m@5.3.8,BJz7qNsdj-7@15.8.17,CguMb4Rq@4.0.4,Gd0bshOBs@12.2.15,H1QMcEsusbm@11.7.8,H1Vl5NidjWX@40.17.44,H1dDqVjOjWX@14.11.12,HHnOG47_6@2.2.2,HJLZqNi_iZQ@7.3.2,HLap0udLC@6.1.5,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,QcD9GVNXZ@1.1.2,S1hmcVouiZm@6.2.2,S1tqOzjaX@5.1.5,SJFe9NousWX@11.10.13,SkPc5EjOsWm@6.2.1,Skj79NodobQ@8.1.3,SyfKc4oOjWQ@10.3.3,SylacVousbm@10.2.0,W-HOHMTVq@5.1.5,XYQZBUojc@9.6.4,bt_SD1xU@2.0.3,ir7QpAGI@1.1.4,njy_AxqKG@3.0.3,rJ99c4oOo-X@7.3.6,rJMsqEj_iZQ@14.6.7,rkUcEjuoWm@16.6.5,twMyStLkn@15.9.15 Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software Google Frontend / Resource Hash 78f44e7121300db7c0a566d7480e17687159a80b3682dcd70218e723739fb8a2 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type application/json Response headers date Wed, 28 Feb 2024 08:32:17 GMT content-encoding br via 1.1 google server Google Frontend age 1347534 etag "10uddro" vary Accept-Encoding, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public,max-age=2592000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14829
GET H3	200	en.json Show response api.usercentrics.eu/gvl/v3/	581 KB 71 KB	31ms 30ms	XHR application/json	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/gvl/v3/en.json Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash aca97333236d75feb3b105ffa99b0e988bd26df6df8892a958a02dc579421f5b Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 21:22:56 GMT content-encoding gzip strict-transport-security max-age=7776000 age 5295 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPpootjks6RbtZ_BbzPJhmlcu_7u1NhX_zd4uYWnPiAHaHoVrTgWu3u2WXKRh8b7-Gwdo-g_YFHTPA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72341 last-modified Fri, 08 Mar 2024 01:00:11 GMT server UploadServer etag "f3cff406f2771588d5495a2ad67ca04e" vary Accept-Encoding x-goog-generation 1709859611342498 x-goog-hash crc32c=O7x9oQ==, md5=88/0BvJ3FYjVSVoq1nygTg== access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=7200, s-maxage=7200 x-goog-stored-content-length 72341 accept-ranges bytes content-type application/json expires Thu, 14 Mar 2024 23:22:56 GMT
GET H3	200	de.json Show response api.usercentrics.eu/gvl/v3/	45 KB 9 KB	27ms 27ms	XHR application/json	2600:1901:0:c07c:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.usercentrics.eu/gvl/v3/de.json Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash bc7a55fc5c6437b356c8d1a3ec6396a8876d746db0a193f67937634acd6e3f4f Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 21:52:25 GMT content-encoding gzip strict-transport-security max-age=7776000 age 3527 x-client-geo-location US,USNY x-guploader-uploadid ABPtcPptM52qJQ4JEOENEJlaL2UyFy01FVF7oV_0oYZ-N61YzSNuoDxPcGy-BYKgV-rAmBgtGuvu-jYg8w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9328 last-modified Fri, 08 Mar 2024 01:00:11 GMT server UploadServer etag "1b76ed88036b327c60758dbc99aa1c2b" vary Accept-Encoding x-goog-generation 1709859611320041 x-goog-hash crc32c=iEYd8Q==, md5=G3btiANrMnxgdY28maocKw== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=7200, s-maxage=7200 x-goog-stored-content-length 9328 accept-ranges bytes content-type application/json expires Thu, 14 Mar 2024 23:52:25 GMT
OPTIONS H2	204	3 consent-api.service.consent.usercentrics.eu/consent/uw/ Frame	0 0	222ms 131ms	Preflight text/html	2600:1901:0:1e38:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://consent-api.service.consent.usercentrics.eu/consent/uw/3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Accept */* Access-Control-Request-Headers access-control-allow-origin,content-type,x-request-id Access-Control-Request-Method POST Origin https://ian-baltimore-bold-nest.trycloudflare.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-headers access-control-allow-origin,content-type,x-request-id access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Thu, 14 Mar 2024 22:51:12 GMT server Google Frontend strict-transport-security max-age=7776000 vary Origin, Access-Control-Request-Headers via 1.1 google x-cloud-trace-context 19dcda9df742a1be1e006a386911085b
POST H2	201	3 Show response consent-api.service.consent.usercentrics.eu/consent/uw/	0 78 B	140ms 127ms	Fetch text/html	2600:1901:0:1e38:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://consent-api.service.consent.usercentrics.eu/consent/uw/3 Requested by Host: app.usercentrics.eu URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=7776000 Request headers Access-Control-Allow-Origin * Accept application/json Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 X-Request-ID 86a3ba3b-ac60-4acb-8c02-938c4c89c087 content-type application/json Response headers date Thu, 14 Mar 2024 22:51:12 GMT via 1.1 google strict-transport-security max-age=7776000 server Google Frontend vary Origin content-type text/html access-control-allow-origin * x-cloud-trace-context 0e8f4d9ebb4980ab693b80ccc8d4c9e4 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	277 KB 93 KB	165ms 165ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-WEL07G5MBW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 920b80b54a5230c413b213907e35d749c7f56fd42bd345fe449a43ca7999183a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95153 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 14 Mar 2024 22:51:12 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	101ms 27ms	Script text/javascript	2607:f8b0:4006:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 14 Mar 2024 21:51:42 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3570 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 14 Mar 2024 23:51:42 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	216 KB 58 KB	167ms 56ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 85267fa4a3e908d0c2778fc27bf13b384d2353c2d12e8d4c78982a3cfaa9636e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 14 Mar 2024 22:51:12 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57631 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=45, rtx=0, c=12, mss=1294, tbw=2804, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug 0nnufx8eT6KJBDdFtFVY1WZblcyIb1yNLE00F+VqWtBHhXh6Bz50Ywe/p1PJA8/cy1KX6x34gEyFtCr+br11fg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	178ms 58ms	Script application/javascript	199.232.160.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.160.157 New York, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 18:08:41 GMT etag "32ad004436155ec972bc50e6238b5b67+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kcgs7200042-IAD, cache-lga13623-LGA
GET H2	200	12811.js Show response www.dwin1.com/	51 KB 14 KB	30ms 30ms	Script application/javascript	2600:9000:2209:6400:f:8ce2:fb80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.dwin1.com/12811.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2209:6400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 146329c1b59dabb778851e68ca40bad6196ce49a3473f0ec50c65a13f757f793 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id ea8B.d5s.CJ4s97a41LOfPL_Vq2MrWYB content-encoding gzip via 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront) date Thu, 14 Mar 2024 22:41:22 GMT x-amz-cf-pop EWR53-P1 age 591 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 13 Mar 2024 14:28:35 GMT server AmazonS3 etag W/"a6a4d9487c6ff1982ec9ebab8ec6c554" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=600, s-maxage=600 x-amz-cf-id oheqoEXDGCcXB5YcZgj62B_eeEAUlbFFSbPvU1JBoQMnlx5MyrN0Bw==
GET H2	200	scevent.min.js Show response sc-static.net/	44 KB 19 KB	147ms 62ms	Script application/javascript	18.238.74.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.74.246 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-74-246.jfk52.r.cloudfront.net Software CloudFront / Resource Hash 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT content-encoding gzip via 1.1 f80d7132f63b09d3c980a7f84c3ec4a4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop JFK52-P5 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 19117 x-amz-cf-id 2AfR0zbV5V_RlPoxtn_o1FCgtArvuYBbRxSu848vCaienL19FCjEcQ==
GET H2	200	destination Show response www.googletagmanager.com/gtag/	205 KB 75 KB	89ms 88ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-779437501&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2dd2d6d1cad87404ce7db6fb7d81420b8fc385437b0da866d93424a4db8217ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76443 x-xss-protection 0 last-modified Thu, 14 Mar 2024 21:15:12 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 14 Mar 2024 22:51:12 GMT
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	9 KB 4 KB	118ms 26ms	Script application/x-javascript	54.230.160.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.230.160.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-160-114.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Thu, 14 Mar 2024 19:10:28 GMT Content-Encoding gzip Via 1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront) Last-Modified Fri, 01 Mar 2024 19:43:19 GMT Server AmazonS3 X-Amz-Cf-Pop EWR53-C3 Age 13245 ETag W/"a023114c374b2d4f49e3420f667f8e66" x-amz-server-side-encryption AES256 Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id Y6_ueX5txyA1pzstOYCVo3IRDkDtjWuoayxAJx_z7F9tfw-hFe-r2A==
GET H2	200	/ Show response track.adform.net/Serving/TrackPoint/ Frame DC0E	111 B 715 B	130ms 130ms	Script text/javascript	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/Serving/TrackPoint/?pm=2494165&ADFPageName=d23e0719a8&ADFdivider=%7C&ord=959038318657&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D61152%26version%3D1%26redirected%3D1&CPref=https%3A%2F%2Ftm724.ad-srv.net%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Requested by Host: track.adform.net URL: https://track.adform.net/serving/scripts/trackpoint/async/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 7c0a7357302efa38a485672d0fe6d9ebf5c74934b2966ca87393c0ebac434f24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ad.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 186 expires -1
GET H2	200	pixel cm2.adform.net/ Frame F95F Redirect Chain https://x.bidswitch.net/sync?dsp_id=305&user_id=76678da07dfb616f&expires=90&gdpr=&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?dsp_id=305&user_id=76678da07dfb616f&expires=90&gdpr=&gdpr_consent= https://cm2.adform.net/pixel?adform_pid=3&adform_pc=ed32cea9-dd9c-4bbd-b544-744ee29a387e&adform_v=1	43 B 163 B	205ms 35ms	Image image/gif	185.167.164.52 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm2.adform.net/pixel?adform_pid=3&adform_pc=ed32cea9-dd9c-4bbd-b544-744ee29a387e&adform_v=1 Requested by Host: ad.ad-srv.net URL: https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1& Protocol H2 Server 185.167.164.52 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ad.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT last-modified Tue, 30 Jan 2024 09:43:35 GMT server nginx accept-ranges bytes etag "65b8c4c7-2b" content-length 43 content-type image/gif Redirect headers Location //cm2.adform.net/pixel?adform_pid=3&adform_pc=ed32cea9-dd9c-4bbd-b544-744ee29a387e&adform_v=1 Date Thu, 14 Mar 2024 22:51:12 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H3	200	m8f5fech.js Show response ad4m.at/	27 KB 11 KB	65ms 64ms	Script application/javascript	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/m8f5fech.js Requested by Host: www.dwin1.com URL: https://www.dwin1.com/12811.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 601a009aea5454d6bd14ea7f92c7e0e663054a9c3c16b5e0190e8d16bfe902ba Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 Jan 2024 10:47:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 108408 etag W/"d64cbfe42c21cb4689f9bb2032acc83b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fFG5aSXZon1ekETq8Ky26sZFG3Z8zRRPPoUyjD6AnqsqXIfC7Tv1j9FqTO5oIc3PFCJSce82lhR8MlGBdx8FGwkLBHdCsDD%2F%2BBeB1z3novGlQxHQthWd9HT3fHbK9SoOHkdHY8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 8647d3b8ced243c8-EWR alt-svc h3=":443"; ma=86400 expires Wed, 13 Mar 2024 16:44:24 GMT
GET H/1.1	200 OK	d65a51381a.js Show response tm.ad-srv.net/tm/a/container/init/	12 KB 3 KB	492ms 113ms	Script application/javascript	46.4.92.215 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData2088638785592&rnd=19650714 Requested by Host: www.dwin1.com URL: https://www.dwin1.com/12811.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.92.215 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.215.92.4.46.clients.your-server.de Software nginx / Resource Hash 7c5fbef375e402fd2640923656e962dcb4fa4b5eade97666628abeae17879094 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 Mar 2024 22:51:12 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Expires 0
GET H2	200	bounce.min.js Show response api.bounce-commerce.de/	2 KB 1 KB	136ms 136ms	Script application/javascript	2a01:4f8:272:50e8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.bounce-commerce.de/bounce.min.js Requested by Host: www.dwin1.com URL: https://www.dwin1.com/12811.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.24.0 / Resource Hash 529719c177311bb9f345c442bf5b3039567392929670474949689f242beda4b1 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT content-encoding gzip last-modified Sun, 08 Oct 2023 11:48:43 GMT server nginx/1.24.0 etag W/"6522971b-932" content-type application/javascript; charset=utf-8 cache-control max-age=604800, public expires Thu, 21 Mar 2024 22:51:12 GMT
GET H3	200	cookie-frame.html Show response ad4m.at/ Frame 1EEB	2 KB 1 KB	77ms 77ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/cookie-frame.html Requested by Host: ad4m.at URL: https://ad4m.at/m8f5fech.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 103868 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400 cf-cache-status HIT cf-ray 8647d3b93f9343c8-EWR content-encoding br content-language en content-type text/html date Thu, 14 Mar 2024 22:51:12 GMT expires Fri, 01 Mar 2024 10:21:10 GMT last-modified Tue, 28 Nov 2023 11:49:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vi%2FdpW3nVsfemMp7QUPu%2FPlCzqMsgMycxdUkTsSZKKHCSgYDbWp4J6JMk0xbiE7FaQyTvtdPL%2F0LB3EsHZJ4BcUYdRVObhCRD%2FMgIxK5L7%2FAcZW7NbxBIhFy1oG%2FYA5Cs1%2B8Ag8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 227 B	340ms 339ms	XHR text/plain	2607:f8b0:4006:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1938389783&t=pageview&_s=1&dl=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&ul=en-us&de=UTF-8&dt=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAEK~&jid=1976954777&gjid=485823541&cid=1004302136.1710456672&tid=UA-73429790-1&_gid=1146478238.1710456672&_r=1&_slc=1&gtm=45He43d0n81NTJJHXQv79577065za200&gcs=G111&gcd=13n3n3n3n5&dma=0&tcfd=10000&z=1576337644 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ian-baltimore-bold-nest.trycloudflare.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	d13aed06-63ab-44a0-9e79-e07f11ad396d.js Show response tr.snapchat.com/config/com/	174 B 471 B	198ms 104ms	Script application/javascript	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/com/d13aed06-63ab-44a0-9e79-e07f11ad396d.js?v=3.12.0-2402271815 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 5320b576f52f227c7f4d7179b76be5b6cd8e49aa5f185a1cc6cc065b39b40e3c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Origin https://ian-baltimore-bold-nest.trycloudflare.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google, 1.1 google server API Gateway content-type application/javascript access-control-allow-origin https://ian-baltimore-bold-nest.trycloudflare.com x-envoy-upstream-service-time 38 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 174
GET H2	200	i Show response tr.snapchat.com/cm/ Frame C7ED	672 B 1 KB	181ms 77ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=d13aed06-63ab-44a0-9e79-e07f11ad396d&u_scsid=2f17fa4d-f478-42a7-96f1-18060d0021f2&u_sclid=18155471-074c-4a5c-9014-6ea40fc7d1fb Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 672 content-type text/html date Thu, 14 Mar 2024 22:51:12 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google, 1.1 google x-envoy-upstream-service-time 0
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/779437501/	2 KB 2 KB	122ms 50ms	Script text/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779437501/?random=1710456672269&cv=11&fst=1710456672269&bg=ffffff&guid=ON&async=1&gtm=45be43d0z879577065za201&gcd=13n3n3n3n5&dma=0&tcfd=10000&u_w=1600&u_h=1200&url=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&hn=www.googleadservices.com&frm=0&tiba=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&uamb=0&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-779437501&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e873564a9ac94e2c9cb2e0eb7988f8d9a3657a21a55dea12feae1c67447c6f09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1340 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/	0 272 B	109ms 40ms	Ping text/plain	2001:4860:4802:32::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-WEL07G5MBW&gtm=45je43d0v9116846308z879577065za200&_p=1710456670336&_gaz=1&gcs=G111&gcd=13n3n3n3n5&npa=0&dma=0&tcfd=10000&gdid=dOThhZD&cid=1004302136.1710456672&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710456672&sct=1&seg=0&dl=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&dt=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&en=page_view&_fv=1&_ss=1&tfd=6276 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WEL07G5MBW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ian-baltimore-bold-nest.trycloudflare.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	343ms 49ms	Ping text/plain	2607:f8b0:4004:c08::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WEL07G5MBW&cid=1004302136.1710456672&gtm=45je43d0v9116846308z879577065za200&aip=1&dma=0&gcs=G111&gcd=13n3n3n3n5&npa=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WEL07G5MBW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ian-baltimore-bold-nest.trycloudflare.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	request Show response api.bounce-commerce.de/	0 321 B	124ms 123ms	XHR text/html	2a01:4f8:272:50e8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.bounce-commerce.de/request Requested by Host: api.bounce-commerce.de URL: https://api.bounce-commerce.de/bounce.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.24.0 / PHP/8.1.25 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryy55gq6DPmAOJmBto Response headers date Thu, 14 Mar 2024 22:51:12 GMT content-encoding gzip server nginx/1.24.0 x-powered-by PHP/8.1.25 access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	adsct t.co/i/	43 B 376 B	280ms 135ms	Image image/gif	104.244.42.5 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=8ada7ccf-e856-4239-8f0a-6814b2470dc2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=63d9d539-309f-4a09-941c-589cf9c3c9f4&tw_document_href=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2egi&type=javascript&version=2.3.29 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.5 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-response-time 79 date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=0 server tsa_b content-type image/gif;charset=utf-8 x-transaction-id 5f61741390cd25d6 cache-control no-cache, no-store, max-age=0 perf 7469935968 x-connection-hash 163cdc5dc864dc706bafb027f2ffe18a6f1d6e5f30cec1d02022c5063dd6bebb content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 393 B	208ms 66ms	Image image/gif	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8ada7ccf-e856-4239-8f0a-6814b2470dc2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=63d9d539-309f-4a09-941c-589cf9c3c9f4&tw_document_href=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2egi&type=javascript&version=2.3.29 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-response-time 6 date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=631138519 server tsa_b content-type image/gif;charset=utf-8 x-transaction-id 77a7be1e5af6d2d7 cache-control no-cache, no-store, max-age=0 perf 7469935968 x-connection-hash 7ee7ef36f95fcbcb0031a6143547811887806957d9268b05d0d735fe0da60f6f content-length 43
GET H2	200	764462920400784 Show response connect.facebook.net/signals/config/	63 KB 13 KB	221ms 219ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/764462920400784?v=2.9.149&r=stable&domain=ian-baltimore-bold-nest.trycloudflare.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a54941b1787c246d293af4b7a33c5be30497b07ee2fb26980d470a9cdd903cfe Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 14 Mar 2024 22:51:12 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=39, rtx=0, c=59, mss=1294, tbw=62770, tp=-1, tpl=-1, uplat=187, ullat=0 pragma public x-fb-debug 3jyLiYCEbe6QxiVv4U4hTU2lQGvdAiHm1d22K80tN2MNeOoezbsBFAK5jvZEvsMATWEvqfOmE7P2oDK6n438Aw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	gdpr=0;dc_pre=CPf89NLr9IQDFVHLwgQdTsMODA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1? https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CPf89NLr9IQDFVHLwgQdTsMODA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o... https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CPf89NLr9IQDFVHLwgQdTsMODA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1	42 B 107 B	90ms 90ms	Image image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CPf89NLr9IQDFVHLwgQdTsMODA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 14 Mar 2024 22:51:12 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"14121592731592837188"}],"aggregatable_trigger_data":[{"filters":{"14":["6726761"]},"key_piece":"0xf5082b067caa3432","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x1095b4e31aac5d3a","not_filters":{"14":["6726761"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6726761"]},"key_piece":"0xd299bc44766c7e53","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x56c84a75042854b","not_filters":{"14":["6726761"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"15531977819779574225","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14121592731592837188","filters":{"14":["6726761"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"14121592731592837188","filters":{"14":["6726761"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"14121592731592837188","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"14121592731592837188","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8219325"]}} x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type image/png location https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CPf89NLr9IQDFVHLwgQdTsMODA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 access-control-allow-origin * cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ track.adform.net/Serving/TrackPoint/	35 B 518 B	130ms 129ms	Image image/gif	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=| Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type image/gif access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H2	200	gdpr=0;dc_pre=CLWE9dLr9IQDFYLIwgQdIBcO8A;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1? https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CLWE9dLr9IQDFYLIwgQdIBcO8A;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o... https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLWE9dLr9IQDFYLIwgQdIBcO8A;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1	42 B 107 B	90ms 88ms	Image image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLWE9dLr9IQDFYLIwgQdIBcO8A;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 14 Mar 2024 22:51:12 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"10064900676032581059"}],"aggregatable_trigger_data":[{"filters":{"14":["3313423"]},"key_piece":"0x27ba1173316a04c3","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x29d6393523214fa6","not_filters":{"14":["3313423"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["3313423"]},"key_piece":"0x1e8e8ccf5a8feaf0","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x2a593753ddb9d3bb","not_filters":{"14":["3313423"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"4924709891117727376","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10064900676032581059","filters":{"14":["3313423"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"10064900676032581059","filters":{"14":["3313423"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"10064900676032581059","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"10064900676032581059","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["5252003"]}} x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type image/png location https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLWE9dLr9IQDFYLIwgQdIBcO8A;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 access-control-allow-origin * cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	seg secure.adnxs.com/ Redirect Chain https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= https://secure.adnxs.com/seg?add=19609390&t=2	43 B 1 KB	66ms 65ms	Image image/gif	68.67.160.24 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/seg?add=19609390&t=2 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT an-x-request-uuid 974a4385-81ca-4a88-83b5-becd29c545fd server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 96.9.246.196; 96.9.246.196; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers location https://secure.adnxs.com/seg?add=19609390&t=2 Date Thu, 14 Mar 2024 22:51:12 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H2	200	1x1.gif imagesrv.adition.com/ Redirect Chain https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 https://imagesrv.adition.com/1x1.gif	68 B 178 B	309ms 102ms	Image image/gif	217.79.188.60 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://imagesrv.adition.com/1x1.gif Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS imagesrv.adition.com Software / Resource Hash 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin * date Thu, 14 Mar 2024 22:51:12 GMT last-modified Fri, 24 Jul 2009 13:46:10 GMT accept-ranges bytes etag "3122740758" content-length 68 content-type image/gif Redirect headers location https://imagesrv.adition.com/1x1.gif access-control-allow-origin * date Thu, 14 Mar 2024 23:51:12 +0100 content-type text/plain server ADITIONSERVER v1.0 p3p policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	1x1.gif imagesrv.adition.com/ Redirect Chain https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 https://imagesrv.adition.com/1x1.gif	68 B 103 B	310ms 103ms	Image image/gif	217.79.188.60 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://imagesrv.adition.com/1x1.gif Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Server 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS imagesrv.adition.com Software / Resource Hash 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin * date Thu, 14 Mar 2024 22:51:12 GMT last-modified Fri, 24 Jul 2009 13:46:10 GMT accept-ranges bytes etag "3122740758" content-length 68 content-type image/gif Redirect headers location https://imagesrv.adition.com/1x1.gif access-control-allow-origin * date Thu, 14 Mar 2024 23:51:12 +0100 content-type text/plain server ADITIONSERVER v1.0 p3p policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	/ track.adform.net/Serving/TrackPoint/	35 B 518 B	129ms 127ms	Image image/gif	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=| Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type image/gif access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H3	204	dst as.ad4m.at/ad/	0 546 B	138ms 137ms	Image text/plain	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://as.ad4m.at/ad/dst?a=1939&b=2&c=H5IihPTO4ByGgBGBZHSDfFn1ZBz1i1Bz&e=17916&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=86400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} via 1.1 google cross-origin-embedder-policy unsafe-none surrogate-control no-store cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin server cloudflare cross-origin-opener-policy unsafe-none x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 8647d3ba89a443c8-EWR expires 0
GET H2	200	/ www.google.com/pagead/1p-user-list/779437501/	42 B 455 B	121ms 43ms	Image image/gif	2607:f8b0:4006:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/779437501/?random=1710456672269&cv=11&fst=1710453600000&bg=ffffff&guid=ON&async=1&gtm=45be43d0z879577065za201&gcd=13n3n3n3n5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&frm=0&tiba=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&npa=0&data=ads_data_redaction%3Dfalse&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqOoVLXMwCO-8itL_zad2YmiKfeTxrj0dz2-2Yqvr8YMWWg82Q&random=922892154&rmt_tld=0&ipr=y Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	scevent.min.js Show response sc-static.net/ Frame C7ED	44 KB 19 KB	32ms 32ms	Script application/javascript	18.238.74.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: tr.snapchat.com URL: https://tr.snapchat.com/cm/i?pid=d13aed06-63ab-44a0-9e79-e07f11ad396d&u_scsid=2f17fa4d-f478-42a7-96f1-18060d0021f2&u_sclid=18155471-074c-4a5c-9014-6ea40fc7d1fb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.74.246 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-74-246.jfk52.r.cloudfront.net Software CloudFront / Resource Hash 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43 Request headers accept-language en-US,en;q=0.9 Referer https://tr.snapchat.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 18:30:02 GMT content-encoding gzip via 1.1 f80d7132f63b09d3c980a7f84c3ec4a4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop JFK52-P5 age 15670 etag b9bd00ec73544025b937f4253ff9de4c x-cache Hit from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control public, s-maxage=86400, max-age=600 access-control-allow-headers Content-Type content-length 19117 x-amz-cf-id g2Zequ4fMAelqhbldtQRr4mEGf_DLdA_AKg1xj8Wxjt0Ud03wzYgiw==
POST H2	200	p tr.snapchat.com/	0 113 B	86ms 85ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google, 1.1 google server API Gateway access-control-allow-origin https://ian-baltimore-bold-nest.trycloudflare.com x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	p Show response tr.snapchat.com/cm/ Frame 8A44 Redirect Chain https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1710456672496&u_scsid=4831f279-a000-4cc7-917e-db88fec947aa&u_sclid=87b4a765-afe9-45d9-9be2-f23a0dcac5ef https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710369875565%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710369875565%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D https://tr.snapchat.com/cm/p?rand=1710369875565&pnid=140&pcid=a6c996fc-90b4-4d38-a22a-f2d6e44b02dc	0 18 B	75ms 75ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/p?rand=1710369875565&pnid=140&pcid=a6c996fc-90b4-4d38-a22a-f2d6e44b02dc Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://tr.snapchat.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-transform content-length 0 content-type text/html date Thu, 14 Mar 2024 22:51:12 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google, 1.1 google x-envoy-upstream-service-time 2 Redirect headers accept-ch Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64 access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Thu, 14 Mar 2024 22:51:12 GMT location https://tr.snapchat.com/cm/p?rand=1710369875565&pnid=140&pcid=a6c996fc-90b4-4d38-a22a-f2d6e44b02dc p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" server Jetty(11.0.13) strict-transport-security max-age=31536000 via 1.1 google
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 365 B	126ms 48ms	XHR text/plain	2607:f8b0:4004:c08::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73429790-1&cid=1004302136.1710456672&jid=1976954777&gjid=485823541&_gid=1146478238.1710456672&_u=YEBAAEAAAAAAACAEK~&z=1550886762 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 14 Mar 2024 22:51:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ian-baltimore-bold-nest.trycloudflare.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	d65a51381a.js Show response tm724.ad-srv.net/tm/a/container/eval/	153 B 467 B	517ms 163ms	Script application/javascript	46.4.92.215 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tm724.ad-srv.net/tm/a/container/eval/d65a51381a.js?sid=sh4r1qc382sbkqotom5qck6kgq&rnd=31453437&macroData[transactionId]=&macroData[searchTerm]=&macroData[products]=&macroData[productId]=empty&macroData[productDetails]=&macroData[pageType]=homepage&macroData[pageName]=&macroData[orderValue]=&macroData[checkoutStage]=&macroData[categoryId]= Requested by Host: tm.ad-srv.net URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData2136944516307&rnd=56306451 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.92.215 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.215.92.4.46.clients.your-server.de Software nginx / Resource Hash a0a65d362d4d1aad5427247848e06d4b0feaa8d9ce4372d1c5e3145d3d2661ba Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 Mar 2024 22:51:13 GMT Server nginx P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 153 Expires 0
GET H2	200	/ www.facebook.com/tr/	0 274 B	133ms 38ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=764462920400784&ev=PageView&dl=https%3A%2F%2Fian-baltimore-bold-nest.trycloudflare.com%2F&rl=&if=false&ts=1710456672634&sw=1600&sh=1200&v=2.9.149&r=stable&ec=0&o=4126&fbp=fb.2.1710456672628.698049893&cs_est=true&ler=empty&cdl=API_unavailable&it=1710456672381&coo=false&dpo=&tm=1&rqm=GET Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 14 Mar 2024 22:51:12 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	p tr6.snapchat.com/	0 43 B	122ms 77ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr6.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains x-envoy-upstream-service-time 0 via 1.1 google, 1.1 google server API Gateway alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	108ms 107ms	Image image/gif	2607:f8b0:4006:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73429790-1&cid=1004302136.1710456672&jid=1976954777&_u=YEBAAEAAAAAAACAEK~&z=479293112 Requested by Host: ian-baltimore-bold-nest.trycloudflare.com URL: https://ian-baltimore-bold-nest.trycloudflare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ian-baltimore-bold-nest.trycloudflare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	p tr.snapchat.com/	0 17 B	75ms 75ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 14 Mar 2024 22:51:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google, 1.1 google server API Gateway access-control-allow-origin https://ian-baltimore-bold-nest.trycloudflare.com x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	d65a51381a.html Show response tm724.ad-srv.net/tm/a/container/tags/iframe/ Frame 5331	1 KB 905 B	461ms 113ms	Document text/html	46.4.92.215 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tm724.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=sh4r1qc382sbkqotom5qck6kgq Requested by Host: tm.ad-srv.net URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData2136944516307&rnd=56306451 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.92.215 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.215.92.4.46.clients.your-server.de Software nginx / Resource Hash 491ca964d9447b2a25f2136ffc2b5b3135315422292e445949e30e873fe12c72 Request headers Referer https://ian-baltimore-bold-nest.trycloudflare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 14 Mar 2024 22:51:13 GMT Expires 0 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	retarget Show response ad.ad-srv.net/ Frame C2EA	1 KB 1 KB	367ms 136ms	Document text/html	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.ad-srv.net/retarget?a=61152&version=1 Requested by Host: tm724.ad-srv.net URL: https://tm724.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=sh4r1qc382sbkqotom5qck6kgq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 Lübbecke, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash 2c05d973308df3aa2b22a39d11f73d1e0736d1dce3638714d2b68039bb7676f6 Request headers Referer https://tm724.ad-srv.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection close Content-Encoding gzip Content-Length 657 Content-Type text/html; charset=UTF-8 Date Thu, 14 Mar 2024 22:51:13 GMT Expires Mon, 26 Jul 1997 05:00:00 GMT P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H2	200	js Show response pixel.mathtag.com/event/ Frame C2EA	161 B 322 B	50ms 49ms	Script text/javascript	151.101.193.91 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/event/js?mt_id=1559605&mt_adid=248420&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1&gdpr=&gdpr_consent= Requested by Host: ad.ad-srv.net URL: https://ad.ad-srv.net/retarget?a=61152&version=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.91 , United States, ASN54113 (FASTLY, US), Reverse DNS Software MT3 1549 cea2cde master ord ord-pixel-x48 config_version:"437" / Resource Hash 98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457 Request headers accept-language en-US,en;q=0.9 Referer https://ad.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0 date Thu, 14 Mar 2024 22:51:14 GMT content-encoding gzip via 1.1 varnish age 0 x-cache MISS p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 165 x-served-by cache-yyz4567-YYZ server MT3 1549 cea2cde master ord ord-pixel-x48 config_version:"437" x-timer S1710456674.479901,VS0,VE17 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control no-cache accept-ranges bytes expires Thu, 14 Mar 2024 22:51:13 GMT
GET H2	200	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/ Frame C2EA Redirect Chain https://track.adform.net/serving/scripts/trackpoint/async/ https://s2.adform.net/banners/scripts/st/trackpoint-async.js	80 KB 31 KB	80ms 79ms	Script application/javascript	185.167.164.44 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: ad.ad-srv.net URL: https://ad.ad-srv.net/retarget?a=61152&version=1 Protocol H2 Server 185.167.164.44 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d Request headers accept-language en-US,en;q=0.9 Referer https://ad.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 22:51:14 GMT content-encoding gzip last-modified Fri, 08 Mar 2024 07:02:31 GMT server nginx x-amz-request-id tx00000bbe73cbd24ef5535-0065eaccdd-3296fce9-default etag W/"1c188eabf1f0749a0cffb2c108473370" x-cache-status HIT, HIT, HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-rgw-object-type Normal cache-control public, max-age=604800 Redirect headers location https://s2.adform.net/banners/scripts/st/trackpoint-async.js date Thu, 14 Mar 2024 22:51:14 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx content-type text/html
GET H/1.1	200 OK	/ Show response ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/ Frame 7165	26 B 331 B	382ms 140ms	Document text/html	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent= Requested by Host: ad.ad-srv.net URL: https://ad.ad-srv.net/retarget?a=61152&version=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 Lübbecke, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623 Request headers Referer https://ad.ad-srv.net/retarget?a=61152&version=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection close Content-Length 26 Content-Type text/html; charset=UTF-8 Date Thu, 14 Mar 2024 22:51:14 GMT Server Apache
GET H2	200	/ Show response track.adform.net/Serving/TrackPoint/ Frame C2EA	111 B 716 B	136ms 128ms	Script text/javascript	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/Serving/TrackPoint/?pm=2494165&ADFPageName=d23e0719a8&ADFdivider=%7C&ord=15449304410&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D61152%26version%3D1&CPref=https%3A%2F%2Ftm724.ad-srv.net%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Requested by Host: track.adform.net URL: https://track.adform.net/serving/scripts/trackpoint/async/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 7c0a7357302efa38a485672d0fe6d9ebf5c74934b2966ca87393c0ebac434f24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ad.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Thu, 14 Mar 2024 22:51:14 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 186 expires -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

static.zanox.com

URL

https://static.zanox.com/scripts/zanox.js