www.blueharborresort.com Open in urlscan Pro
23.253.164.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blueharbor.vulcan.dynamicservr.com/
Effective URL:
https://www.blueharborresort.com/
Submission Tags: phishingrod
Submission: On November 28 via api (November 28th 2023, 4:27:20 am UTC) from DE — Scanned from DE

Summary HTTP 178 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 23 domains to perform 178 HTTP transactions. The main IP is 23.253.164.218, located in United States and belongs to RACKSPACE, US. The main domain is www.blueharborresort.com.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.

This is the only time www.blueharborresort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.239.198.171 104.239.198.171	19994 (RACKSPACE) (RACKSPACE)
27	23.253.164.218 23.253.164.218	19994 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:1490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::210:a419	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
38	2606:4700:303... 2606:4700:3037::ac43:d68e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
7	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	143.204.215.113 143.204.215.113	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
58	52.211.56.53 52.211.56.53	16509 (AMAZON-02) (AMAZON-02)
4	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
178	24

1 104.239.198.171 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

blueharbor.vulcan.dynamicservr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 23.253.164.218 (United States)

ASN19994 (RACKSPACE, US)

www.blueharborresort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a419 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:3037::ac43:d68e (United States)

ASN13335 (CLOUDFLARENET, US)

placem.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-113.fra53.r.cloudfront.net

pix.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 52.211.56.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

fb.ongfb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	ongfb.com fb.ongfb.com — Cisco Umbrella Rank: 444895 Failed	609 KB
38	placem.at placem.at
27	blueharborresort.com www.blueharborresort.com	21 MB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	322 KB
11	sojern.com static.sojern.com — Cisco Umbrella Rank: 15029 beacon.sojern.com — Cisco Umbrella Rank: 5796 pixel.sojern.com — Cisco Umbrella Rank: 8334	65 KB
9	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 154 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	3 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621	151 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105 fcmatch.google.com — Cisco Umbrella Rank: 4767	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	63 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 4758	432 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	pix.pub pix.pub — Cisco Umbrella Rank: 3774	421 B
1	gstatic.com fonts.gstatic.com	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	dynamicservr.com 1 redirects blueharbor.vulcan.dynamicservr.com	189 B
0	tvsci.net Failed proxy.tvsci.net Failed
0	tvsciapi.com Failed pixel.tvsciapi.com Failed
178	23

	Domain	Requested by
58	fb.ongfb.com	www.blueharborresort.com fb.ongfb.com
38	placem.at	www.blueharborresort.com
27	www.blueharborresort.com	www.blueharborresort.com
12	www.googletagmanager.com	www.blueharborresort.com www.googletagmanager.com
7	static.sojern.com	www.googletagmanager.com www.blueharborresort.com static.sojern.com
5	use.typekit.net	www.blueharborresort.com use.typekit.net
4	cm.g.doubleclick.net	4 redirects
4	www.google-analytics.com	www.blueharborresort.com www.google-analytics.com
3	pixel.sojern.com	static.sojern.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	c1.adform.net	2 redirects
2	ib.adnxs.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	www.google.de	www.blueharborresort.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	connect.facebook.net	www.blueharborresort.com connect.facebook.net
1	match.adsrvr.org	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	adservice.google.com	static.sojern.com
1	beacon.sojern.com	static.sojern.com
1	www.google.com	www.blueharborresort.com
1	www.facebook.com	www.blueharborresort.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pix.pub	www.blueharborresort.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	www.blueharborresort.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	www.blueharborresort.com
1	blueharbor.vulcan.dynamicservr.com	1 redirects
0	proxy.tvsci.net Failed	www.google-analytics.com
0	pixel.tvsciapi.com Failed	www.blueharborresort.com
178	32

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.youtube.com
www.pinterest.com
www.tiktok.com
open.spotify.com
www.chargerback.com

Subject Issuer	Validity	Valid
www.blueharborresort.com R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-06` - `2023-12-05`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
placem.at E1	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
pix.pub Amazon RSA 2048 M02	`2023-11-11` - `2024-12-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fb.ongfb.com Amazon RSA 2048 M01	`2023-09-15` - `2024-10-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.blueharborresort.com/
Frame ID: E8F0DBAB62B3104572549C87E432124B
Requests: 106 HTTP requests in this frame

Frame: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
Frame ID: 547D699E7BF45F9BA2036CDDA6CB880F
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Frame ID: 290440D07202EF0A04FA2DDE1FACC7CB
Requests: 10 HTTP requests in this frame

Frame: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
Frame ID: 65D6299E0BAB1D73C852E5807C873277
Requests: 58 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/splus?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Frame ID: E5441C7999A688B8EBE3EEAAFBD1B5B3
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Blue Harbor Resort in Sheboygan, WI | Blue Harbor Resort & Conference Center

Page URL History Show full URLs

https://blueharbor.vulcan.dynamicservr.com/ HTTP 301
https://www.blueharborresort.com/ Page URL

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

178
Requests

96 %
HTTPS

55 %
IPv6

23
Domains

32
Subdomains

24
IPs

5
Countries

23208 kB
Transfer

27210 kB
Size

20
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BlueHarborResort

Search URL Search Domain Scan URL

URL: https://www.instagram.com/blueharborresort/

Search URL Search Domain Scan URL

URL: https://twitter.com/BlueHarborWI

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/blueharborresort/mycompany/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/blueharborresort

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/search/pins/?q=blue%20harbor%20resort

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@blueharborresort
Title: TikTok

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/31gfn7dwqae65e5tizd43mlbnq6e
Title: Spotify

Search URL Search Domain Scan URL

URL: https://www.chargerback.com/ReportLostItemCBEmbed.asp?CustomerID=16055
Title: Lost and Found

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blueharbor.vulcan.dynamicservr.com/ HTTP 301
https://www.blueharborresort.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://ad.doubleclick.net/ddm/activity/src=13063570;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=13063570;dc_pre=CPGNlant5YIDFfYOogMdNOUOhA;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=13063570;dc_pre=CPGNlant5YIDFfYOogMdNOUOhA;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_&sjrn_ula=7714470693 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_&sjrn_ula=7714470693&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_&sjrn_ula=7714470693&google_gid=CAESEG7y7KdYPWyRRmqNff2IHlw&google_cver=1

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoorGWnqz0BISltychLq5dhImACFiiaWVxDJy0EuS8tD-paqwfn0xypgdL2PalwqEPU187OCWB48hRSPpkcCblfo1Rcu6Et8x0iH17CYMLKwfsaR-GY HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoorGWnqz0BISltychLq5dhImACFiiaWVxDJy0EuS8tD-paqwfn0xypgdL2PalwqEPU187OCWB48hRSPpkcCblfo1Rcu6Et8x0iH17CYMLKwfsaR-GY

Request Chain 116

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_ HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DLLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_ HTTP 302
https://pixel.sojern.com/idsync/apn?id=8420947058824372655&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_

Request Chain 118

https://c1.adform.net/serving/cookie/match?cid=56492179-98e3-8188-236c-f718684d79ee&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=56492179-98e3-8188-236c-f718684d79ee&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=938876790558359484&cid=56492179-98e3-8188-236c-f718684d79ee

178 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.blueharborresort.com/
Redirect Chain

https://blueharbor.vulcan.dynamicservr.com/
https://www.blueharborresort.com/

126 KB
13 KB

1169ms
900ms

Document
text/html

23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 29a60f491099b8dac773328e3a4a508510a628332012bb9c91662c512e12dcd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate max-age=600
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 04:27:11 GMT
etag: W/"e8a48d4c535ca34ee743bb170eafb162"
expires: Tue, 28 Nov 2023 04:37:10 GMT
server: nginx
vary: Accept-Encoding X-Forwarded-Protocol

Redirect headers

access-control-allow-origin: *
cache-control: max-age=3600
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 04:27:10 GMT
expires: Tue, 28 Nov 2023 05:27:10 GMT
location: https://www.blueharborresort.com/
server: nginx
x-redirect-by: redirection

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i&display=swap

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c8b7afdf7bbc10af9a099b1a24080acbe6ccbf641921c570a63a9f9c6da35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 04:27:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 04:27:11 GMT

GET
H2 200 jmn3ujm.css
use.typekit.net/ 7 KB
1 KB 65ms
14ms Stylesheet
text/css 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jmn3ujm.css

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d00de694853048e37cf8deceb09190e64c4da8f89a623b391b1176649f0b290c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 28 Nov 2023 04:27:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 986

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
93 KB 69ms
44ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XJNQD650F0

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff8e04ca69878bf812ef1527e9adbbe47282ce0139485a1080e4810e730d2064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 04:27:11 GMT

GET
H2 200 app.css
www.blueharborresort.com/_resources/themes/blueharbor/dist/css/ 381 KB
48 KB 108ms
107ms Stylesheet
text/css 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ca005516a5713e4da3d2534cdde774712d282001837a403f5c00d67fe3c45f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
etag: W/"5f358-5e3a1b1b67941"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 mmenu.css
www.blueharborresort.com/_resources/themes/blueharbor/dist/css/mmenu/ 43 KB
6 KB 217ms
216ms Stylesheet
text/css 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/mmenu/mmenu.css?m=1657658494
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 67ba5f5be884aa1cf25cb14fff81cac1c9e1efd55c0892586d8f66120649a727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
etag: W/"abe2-5e3a1b1b688e1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 BlueHarbor_logo_retina.png
www.blueharborresort.com/assets/Uploads/ 9 KB
9 KB 216ms
215ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/BlueHarbor_logo_retina.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a47d579479be8c35c0564665834524dcc1ae577b7baa48054ae750c59b86db59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Thu, 26 Mar 2020 17:22:35 GMT
server: nginx
etag: "252b-5a1c53b0eacc0"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 9515
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 Home_Header.jpg
www.blueharborresort.com/assets/Uploads/HeaderImages/ 1 MB
1 MB 217ms
216ms Image
image/jpeg 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/HeaderImages/Home_Header.jpg
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0251851897929037e98c54332224139ae5b01ff02b187bb65650bbf19246a5d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 19 May 2020 19:24:41 GMT
server: nginx
etag: "17beed-5a6053b26d040"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 1556205
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 BLACK-FRIDAY-GIFT-CARD-SALE-AT-BLUE-HARBOR-RESORT-WEB-FEATURE.png
www.blueharborresort.com/assets/ 1 MB
1 MB 190ms
186ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/BLACK-FRIDAY-GIFT-CARD-SALE-AT-BLUE-HARBOR-RESORT-WEB-FEATURE.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c31709e02eb4bfef3dd9542f97c417e85ca3a3cad0a42a858763f8c1fa1517a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Sat, 18 Nov 2023 15:06:08 GMT
server: nginx
etag: "17b37f-60a6e97bf917c"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 1553279
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 STAY-AT-BLUE-HARBOR-RESORT-WEBSITE-HEADER.png
www.blueharborresort.com/assets/Uploads/Elements/Features/ 3 MB
3 MB 191ms
186ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/STAY-AT-BLUE-HARBOR-RESORT-WEBSITE-HEADER.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f9c1ee2ed029fe12903be687f1dfe639e8addc2a16b24778eb962fa80a7257b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 07 Mar 2023 16:31:27 GMT
server: nginx
etag: "2a4cfd-5f651f17b3018"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2772221
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 EMAGINING-SHEBOYGAN-BLOG-WITH-BLUE-HARBOR-RESORT-WEBSITE-FEATURE.png
www.blueharborresort.com/assets/Uploads/Elements/Features/ 2 MB
2 MB 191ms
187ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/EMAGINING-SHEBOYGAN-BLOG-WITH-BLUE-HARBOR-RESORT-WEBSITE-FEATURE.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 91bd054e11ce272a3fa39c1f454bfcbc9ea58cf8d2f5c514adc2488ff79ead90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 19 Sep 2023 20:14:36 GMT
server: nginx
etag: "25ab94-605bbe862c696"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2468756
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 PLAY-AT-BLUE-HARBOR-RESORT-WEBSITE-HEADER.png
www.blueharborresort.com/assets/Uploads/Elements/Features/ 3 MB
3 MB 189ms
185ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/PLAY-AT-BLUE-HARBOR-RESORT-WEBSITE-HEADER.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 05e03cda2d3ed40f6615cee5722f9f3ecc945b4b607b99cf3ce706b24cea1eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 07 Mar 2023 16:28:27 GMT
server: nginx
etag: "2ef274-5f651e6b62467"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 3076724
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 DINE-AT-BLUE-HARBOR-RESORT-WEBSITE-HEADER.png
www.blueharborresort.com/assets/Uploads/Elements/Features/ 2 MB
2 MB 189ms
185ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/DINE-AT-BLUE-HARBOR-RESORT-WEBSITE-HEADER.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bff6c91b426f72d50d041c24d1806040d4d0d355e9aafef5b288a4c3d00d595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 07 Mar 2023 16:54:39 GMT
server: nginx
etag: "1a5949-5f652446e53fc"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 1726793
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 THE-BOUTIQUE-AT-BLUE-HARBOR-RESORT-FALL-WINTER-WEBSITE-FEATURE.png
www.blueharborresort.com/assets/Uploads/Elements/Features/ 3 MB
3 MB 189ms
186ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/THE-BOUTIQUE-AT-BLUE-HARBOR-RESORT-FALL-WINTER-WEBSITE-FEATURE.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 617ab5f24ff6e9616ecce313b1760fd1ba0afd6c56677ae59a2ffdf44a1e84a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Sat, 18 Nov 2023 17:12:58 GMT
server: nginx
etag: "2b0288-60a705d58f401"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2818696
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 REFLETIONS-SPA-SALON-AT-BLUE-HARBOR-REOSRT-WEBSITE-HEADER.png
www.blueharborresort.com/assets/Uploads/Elements/Features/ 2 MB
2 MB 189ms
186ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/REFLETIONS-SPA-SALON-AT-BLUE-HARBOR-REOSRT-WEBSITE-HEADER.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 00a481035a5cc1aec267006b0aea236678a8003f02f7734d909325c72fadebb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 07 Mar 2023 16:57:13 GMT
server: nginx
etag: "23e260-5f6524d96a6a8"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2351712
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 GO-BLUE-TO-HELP-PROTECT-THE-GREAT-LAKES-WEBSITE-FEATURE-v3.png
www.blueharborresort.com/assets/Uploads/Elements/Features/ 2 MB
2 MB 189ms
186ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/GO-BLUE-TO-HELP-PROTECT-THE-GREAT-LAKES-WEBSITE-FEATURE-v3.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c941f5254d66313d93bd84763f0b743a50f8bcb60b5911c89fae5ffe7687b340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Wed, 22 Mar 2023 20:29:53 GMT
server: nginx
etag: "196bbb-5f78305c71375"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 1665979
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 Home_Meetings_Subhead__FillWzc2OCwzNTdd.jpg
www.blueharborresort.com/assets/Uploads/Elements/Features/ 305 KB
305 KB 389ms
385ms Image
image/jpeg 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/Home_Meetings_Subhead__FillWzc2OCwzNTdd.jpg
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9165bdd896adffda72f62e0632a5dcd10abc2a0dc846650131610738ab65909e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Thu, 21 May 2020 12:43:10 GMT
server: nginx
etag: "4c3da-5a627dae61380"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 312282
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 Zach-Jindra-Photography-4-Outdoor-Weddings-Blue-Harbor-Resort__FillWzc2OCwzNTdd.jpg
www.blueharborresort.com/assets/Uploads/Elements/Features/ 59 KB
60 KB 390ms
387ms Image
image/jpeg 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Elements/Features/Zach-Jindra-Photography-4-Outdoor-Weddings-Blue-Harbor-Resort__FillWzc2OCwzNTdd.jpg
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: de0d257adb0a92184dc6787fa952bb181e9842b66915e16430012af7dca91bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Fri, 24 Feb 2023 02:49:50 GMT
server: nginx
etag: "ed38-5f5692ee62295"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 60728
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 Pres.jpg
www.blueharborresort.com/assets/Uploads/Rooms/Images/ 661 KB
662 KB 389ms
386ms Image
image/jpeg 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Rooms/Images/Pres.jpg
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fd7b42825141fc0887eeceb002d285ee873fd29a17e7ac60252099ada7b2185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 19 May 2020 19:52:28 GMT
server: nginx
etag: "a52d9-5a6059e833700"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 676569
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 King-Suite-Ground-Level.jpg
www.blueharborresort.com/assets/Uploads/Rooms/Images/ 114 KB
115 KB 389ms
386ms Image
image/jpeg 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Rooms/Images/King-Suite-Ground-Level.jpg
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 90b273829201c8e7b46d67cefeea02a6b68ef0f86ccd2e071ec2bdea2dd51772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 19 May 2020 19:39:47 GMT
server: nginx
etag: "1c9bf-5a605712746c0"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 117183
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 Boat-House-Accessible.jpg
www.blueharborresort.com/assets/Uploads/Rooms/Images/ 518 KB
519 KB 389ms
386ms Image
image/jpeg 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/assets/Uploads/Rooms/Images/Boat-House-Accessible.jpg
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 13305ab5468ea6ba5fa1d0d948c9375b791485f9a209808b21d912b15c8628a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 19 May 2020 19:46:39 GMT
server: nginx
etag: "817b5-5a60589b5e5c0"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 530357
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 footer-graphic.png
www.blueharborresort.com/_resources/themes/blueharbor/dist/images/ 124 KB
125 KB 389ms
387ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/images/footer-graphic.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1bda9d474ed0e632da1b00d16d986f19c629b1fdd2c5786447166a8c50219028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
etag: "1f1cf-5e3a1b1b77342"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 127439
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 logo-rev.png
www.blueharborresort.com/_resources/themes/blueharbor/dist/images/ 11 KB
12 KB 389ms
387ms Image
image/png 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/images/logo-rev.png
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 07e9b8faeda8b1f557097112fd4cd0c85c0672b806ab1cdee25cc3d33a1e5224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
etag: "2de0-5e3a1b1b77342"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 11744
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 scripts-6f170d1.js Show response
www.blueharborresort.com/assets/_combinedfiles/ 331 KB
91 KB 191ms
187ms Script
text/javascript 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/assets/_combinedfiles/scripts-6f170d1.js
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e93ba7febc83a67e6e81e7f4b9312e3e237bf1b540a3ba1e0a18a1c00855ceea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
last-modified: Tue, 12 Jul 2022 20:47:03 GMT
server: nginx
etag: W/"52b0f-5e3a1c55a2c62"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, public
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 rooms-slider_init.js Show response
www.blueharborresort.com/_resources/themes/blueharbor/src/javascript/init/ 760 B
478 B 189ms
185ms Script
text/javascript 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/src/javascript/init/rooms-slider_init.js?m=1657658494
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b68242e0f4c901eafcaa14b7da92a1e0a5278f1dfa9c496a763ba762fc9e92f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
etag: W/"2f8-5e3a1b1ba4203"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, public
expires: Wed, 29 Nov 2023 04:27:11 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 63ms
9ms Stylesheet
text/css 2a02:26f0:780::210:a419
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jmn3ujm&ht=tk&f=13464.13465.13466.13467.24539.24540.24543.24544.24547.24548&a=571579&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jmn3ujm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a419 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 03:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2253
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 Nov 2023 05:49:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
64 KB 46ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFJ5FGH

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b58308299ab80ae2921d8ffbb1d3f70fd13369b95e47376a5a8d980209ca895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65631
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 04:27:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
57 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFWMZ5R

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98a469805e673a0f6fc304b1770a29d31ef8cd917c6825e5332cb2327e87487f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57579
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 04:27:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
45 KB 64ms
42ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6VFC73

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db96cb80da924fa6d0a305d7c2c3086d915fc26631a9506cff60c6a3c43a29a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45528
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 04:27:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 04:27:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: l3IR3C/GGyEVNyPQGR4Ejv9Ee/8hoBK+hCBjWw27j7+lRqnqc7/xSRghvQdXTW/QaU6i6404qkCjwQopYOSj1A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2799914.js Show response
static.hotjar.com/c/ 9 KB
4 KB 90ms
37ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2799914.js?sv=6

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

ea6b66924b44e971aa60b799d880bdffb7fef9af0f99ca383a9907bc222186a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/1b125dd4d3980d77eec9bac2611c8f67
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ROssF5qSeTGmRVgY9UJ_w6nAnU84y0fQzIKoQGe1NldHZGyvDpuQrg==

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
962 B 9ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Nov 2023 04:43:19 GMT

GET
H2 503 things
placem.at/ 0
0 285ms
201ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=11
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 283ms
199ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=292
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 299ms
214ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=277
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 282ms
198ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=12
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 280ms
196ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=101
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 261ms
197ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=37
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 201ms
195ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=14
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 216ms
209ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=15
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 218ms
212ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=16
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 213ms
208ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=217
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 218ms
213ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=18
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 217ms
211ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=119
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 198ms
193ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=20
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 200ms
194ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=21
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 198ms
193ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=22
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 206ms
201ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=169
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 217ms
210ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=176
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 222ms
216ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=24
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 219ms
213ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=158
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 219ms
214ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=25
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 204ms
199ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=30
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 208ms
203ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=28
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 207ms
203ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=80
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 205ms
200ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=29
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 210ms
205ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=35
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 221ms
217ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=33
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 219ms
215ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=210
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 223ms
219ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=26
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 206ms
202ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=34
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 208ms
204ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=253
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 223ms
219ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=254
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 228ms
224ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=259
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 212ms
209ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=248
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 222ms
218ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=117
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 210ms
207ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=151
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 219ms
216ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=274
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 209ms
206ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=319
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 503 things
placem.at/ 0
0 221ms
218ms Image
text/html 2606:4700:3037::ac43:d68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placem.at/things?w=343&h=433&random=102
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
43 KB 32ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:22:04 GMT
x-content-type-options: nosniff
age: 360307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 00:22:04 GMT

GET
H2 200 l
use.typekit.net/af/5855b2/00000000000000003b9b1a98/27/ 39 KB
40 KB 28ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5855b2/00000000000000003b9b1a98/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jmn3ujm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 238579e44cd606f06d8266d6233a0e6330ab5ad1a5a83cc571a40c797437175a

Request headers

Referer: https://use.typekit.net/jmn3ujm.css
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
server: nginx
etag: "6d15c45d64f64175b9a3528cb8f1e719fe42ab00"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40272

GET
H2 200 fa-solid-900.woff2
www.blueharborresort.com/_resources/themes/blueharbor/fonts/fa/ 74 KB
74 KB 224ms
223ms Font
font/woff2 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/fonts/fa/fa-solid-900.woff2
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

Referer: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
accept-ranges: bytes
etag: "127d0-5e3a1b1b7d102"
content-length: 75728
content-type: font/woff2

GET
H2 200 fa-brands-400.woff2
www.blueharborresort.com/_resources/themes/blueharbor/fonts/fa/ 74 KB
74 KB 224ms
223ms Font
font/woff2 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/fonts/fa/fa-brands-400.woff2
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

Referer: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
accept-ranges: bytes
etag: "12648-5e3a1b1b7a222"
content-length: 75336
content-type: font/woff2

GET
H2 200 la-solid-900.woff2
www.blueharborresort.com/_resources/themes/blueharbor/fonts/line-awesome/ 94 KB
95 KB 224ms
223ms Font
font/woff2 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/fonts/line-awesome/la-solid-900.woff2
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Request headers

Referer: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
accept-ranges: bytes
etag: "179f0-5e3a1b1b83e62"
content-length: 96752
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/572508/00000000000000003b9b1a96/27/ 40 KB
40 KB 27ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/572508/00000000000000003b9b1a96/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jmn3ujm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d64e71ecde29d15c97afbe99bef3e7bdd0861fb8fe17ba75c480eedc4e9fb6c7

Request headers

Referer: https://use.typekit.net/jmn3ujm.css
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
server: nginx
etag: "8cd640db673f32c34b3bd81089424b562dee96a8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40772

GET
H2 200 l
use.typekit.net/af/ac6334/000000000000000000012059/27/ 29 KB
29 KB 20ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac6334/000000000000000000012059/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jmn3ujm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba

Request headers

Referer: https://use.typekit.net/jmn3ujm.css
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
server: nginx
etag: "4fc6598b8ab354a0519cf28edb49b1ef3cfa7429"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29676

GET
H2 200 l
use.typekit.net/af/30420e/00000000000000003b9b1a9e/27/ 41 KB
41 KB 32ms
19ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/30420e/00000000000000003b9b1a9e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jmn3ujm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0bde94fcc7e5edc55b3a3757a86dbacfe99bccd136d91f168befd4f849776abd

Request headers

Referer: https://use.typekit.net/jmn3ujm.css
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
server: nginx
etag: "a859da2f81bafd36dfbf1aa7ded93511808dc7c3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 41496

GET
H2 200 la-regular-400.woff2
www.blueharborresort.com/_resources/themes/blueharbor/fonts/line-awesome/ 13 KB
13 KB 296ms
296ms Font
font/woff2 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/fonts/line-awesome/la-regular-400.woff2
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db

Request headers

Referer: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Origin: https://www.blueharborresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:11 GMT
last-modified: Tue, 12 Jul 2022 20:41:34 GMT
server: nginx
accept-ranges: bytes
etag: "3264-5e3a1b1b81f22"
content-length: 12900
content-type: font/woff2

GET
H2 200 576581172684938 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/576581172684938?v=2.9.138&r=stable&domain=www.blueharborresort.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b47d0828b77d14a9b23472ac7a4a106d1a5fec7017e60bcbbac6fae54ae51ee

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 04:27:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: nPbxZLA0ziAMUMDfg8TlR9A7peJda/vOgrScPFCEAvwFiFoPXf/BlbcJCYogx83weeeeyv+1AektWX5l+C1d9w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=394772107&t=pageview&_s=1&dl=https%3A%2F%2Fwww.blueharborresort.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Blue%20Harbor%20Resort%20in%20Sheboygan%2C%20WI%20%7C%20Blue%20Harbor%20Resort%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIRAAAAACAAI~&jid=930963566&gjid=542726162&cid=2039628745.1701145632&tid=G-XJNQD650F0&_gid=733618013.1701145632&_slc=1&z=1564301087

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueharborresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueharborresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 91ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=G-XJNQD650F0&cid=2039628745.1701145632&jid=930963566&gjid=542726162&_gid=733618013.1701145632&_u=KGBAgEIRAAAAAGAAI~&z=1241103037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueharborresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Nov 2023 04:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueharborresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 72ms
25ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2799914.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 397565
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2Fi7AKfqqNl_f2px1YWicgkdJVt3-_qEhsFC6XLQaindNhV73bO9uw==

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 14 KB
15 KB 87ms
8ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6VFC73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e70288e989afaf46c5e8c678a4ca297bf1fb53684d10e1d1d17e726b56e2e289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:57:07 GMT
age: 1805
x-guploader-uploadid: ABPtcPrJVdQGm5176qFM8cFuQPjlgWc6Ts3cNv0xedydcxxGaga435IkIalcNIP0_avk-Alo2b7t-D7SAg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14476
last-modified: Wed, 22 Nov 2023 15:13:47 GMT
server: UploadServer
etag: "5bc77de51854f58fb08babd26708cd4f"
x-goog-generation: 1700666027264328
x-goog-hash: crc32c=sfEmRg==, md5=W8d95RhU9Y+wi6vSZwjNTw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 14476
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:57:07 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=394772107&t=pageview&_s=1&dl=https%3A%2F%2Fwww.blueharborresort.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Blue%20Harbor%20Resort%20in%20Sheboygan%2C%20WI%20%7C%20Blue%20Harbor%20Resort%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEIRAAAAAGAAI~&jid=1161677729&gjid=1741477895&cid=2039628745.1701145632&tid=UA-26371103-1&_gid=733618013.1701145632&_r=1&_slc=1&gtm=45He3b81n81WFWMZ5Rv9101608856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1427595654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueharborresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueharborresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 37ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26371103-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFWMZ5R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84a14bb6625f50eb55e1b58463239aebef340255ea93927d7cfa829db2106f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64639
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 04:27:12 GMT

GET
H2 200 t.png
pix.pub/ 68 B
421 B 68ms
10ms Image
image/png 143.204.215.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.pub/t.png?&t=1701145631979&l=tvscientific-pix-o-094bba59-e5fe-4633-9b86-9623cc6095bb&u3=https%3A%2F%2Fwww.blueharborresort.com%2F
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:03:12 GMT
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 14:38:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 55452
x-amz-server-side-encryption: AES256
etag: "8e31b8b47c618ed73e5b31011d1de037"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: fkLMxWc_WpD4-q30crGO7AmYWBINseEUr2vtMVAKfN7phoJ8LbKToA==

GET pixel
pixel.tvsciapi.com/ 0
0

GET
H2 200 a
www.googletagmanager.com/ 0
57 B 38ms
11ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJ5FGH&v=3&t=t&pid=172200511&cv=5&rv=3b81&tc=9&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.blueharborresort.com%2F&tdp=GTM-WFJ5FGH;101914616;0;0;0&z=0

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 td
www.googletagmanager.com/ 0
130 B 36ms
10ms Image
image/gif 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-WFJ5FGH&v=3&t=t&pid=172200511&cv=5&rv=3b81&tc=9&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.blueharborresort.com%2F&tdp=GTM-WFJ5FGH;101914616;0;0;0&z=0
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 47ms
20ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJ5FGH&v=3&t=t&pid=172200511&cv=5&rv=3b81&tc=9&es=1&e=gtag.config&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=1googtag&ti=2googtag&z=0

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 54ms
28ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJ5FGH&v=3&t=t&pid=172200511&cv=5&rv=3b81&tc=9&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1cl.1lcl.1lcl.1lcl.1lcl&ti=1cl.1lcl.1lcl.1lcl.1lcl&z=0

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 46ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XJNQD650F0&gtm=45je3b81v9103837341z89101914616&_p=1701145631654&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2039628745.1701145632&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701145632&sct=1&seg=0&dl=https%3A%2F%2Fwww.blueharborresort.com%2F&dt=Welcome%20to%20Blue%20Harbor%20Resort%20in%20Sheboygan%2C%20WI%20%7C%20Blue%20Harbor%20Resort%20%26%20Conference%20Center&en=page_view&_fv=1&_ss=1&tfd=2491
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XJNQD650F0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueharborresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 25ms
23ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XJNQD650F0&cid=2039628745.1701145632&gtm=45je3b81v9103837341z89101914616&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XJNQD650F0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueharborresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 42ms
17ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XJNQD650F0&cid=2039628745.1701145632&gtm=45je3b81v9103837341z89101914616&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=149617925

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 23ms
23ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJ5FGH&v=3&t=t&pid=172200511&cv=5&rv=3b81&tc=9&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAACA&h=Ag&z=0

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 34ms
34ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJ5FGH&v=3&t=t&pid=172200511&cv=5&rv=3b81&tc=9&e=gtag.config&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=5googtag&ti=2googtag&z=0

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 404 ajax-loader.gif
www.blueharborresort.com/_resources/themes/blueharbor/dist/images/ 74 KB
74 KB 188ms
188ms Image
text/html 23.253.164.218
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/images/ajax-loader.gif
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.253.164.218 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dd6fb7eaf56091d4cc90b0d2651af62fcea605bba5cfa35e19d5a072a95c235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/css/app.css?m=1657658494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
content-encoding: br
last-modified: Tue, 12 Jul 2022 20:47:03 GMT
server: nginx
etag: W/"12786-5e3a1c54facdb"
vary: Accept-Encoding
content-type: text/html

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26371103-1&cid=2039628745.1701145632&jid=1161677729&gjid=1741477895&_gid=733618013.1701145632&_u=aGDAAEIRAAAAAGAAI~&z=180801616

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueharborresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Nov 2023 04:27:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueharborresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 45ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=576581172684938&ev=PageView&dl=https%3A%2F%2Fwww.blueharborresort.com%2F&rl=&if=false&ts=1701145632148&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701145632145.563845804&cs_est=true&ler=empty&it=1701145631904&coo=false&rqm=GET

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 04:27:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET /
fb.ongfb.com/list/forms_preview/ Frame 547D 0
0

GET
H2 200 s Show response
static.sojern.com/cip/w/ Frame 2904 2 KB
2 KB 9ms
7ms Document
text/html 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Requested by: Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d71d12f5c4fb4751dd4aa62557ed9c052881f0d8df2b17f4aa68cc8d80d6c6a0

Request headers

Referer: https://www.blueharborresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 2066
content-type: text/html
date: Tue, 28 Nov 2023 03:56:34 GMT
etag: "5f51e18ad5697e0b4e48c6aba6f6e360"
expires: Tue, 28 Nov 2023 04:56:34 GMT
last-modified: Fri, 04 Aug 2023 14:37:51 GMT
server: UploadServer
x-goog-generation: 1691159871210588
x-goog-hash: crc32c=oFqY1Q== md5=X1HhitVpfgtOSMarpvbjYA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2066
x-guploader-uploadid: ABPtcPqtJenR43GVxyvRXVIbPabB4dYUsWK-3KNKQKkCyE9HDb5YlR_buoAfWKZmZu3PJcB8L7w

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 48ms
19ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26371103-1&cid=2039628745.1701145632&jid=1161677729&_u=aGDAAEIRAAAAAGAAI~&z=16715484

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 22ms
18ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26371103-1&cid=2039628745.1701145632&jid=1161677729&_u=aGDAAEIRAAAAAGAAI~&z=16715484

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
fb.ongfb.com/list/forms_preview/ Frame 65D6 18 KB
5 KB 382ms
380ms Document
text/html 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Requested by

Host: www.blueharborresort.com
URL: https://www.blueharborresort.com/assets/_combinedfiles/scripts-6f170d1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b22e57d165fd2229977db61580d456770d4bcfda00f16ee513f28b335e8ab0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blueharborresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, X_USERNAME, X_PASSWORD, X_ACCOUNT_CODE, X-Mobile-IR, X-Request-Ir, Authorization
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH
access-control-allow-origin: *
cache-control: max-age=0
content-encoding: gzip
content-length: 4305
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 04:27:12 GMT
expires: Tue, 28 Nov 2023 04:27:12 GMT
p3p: CP='CAO PSA OUR'
server: nginx
strict-transport-security: max-age=86400
vary: Origin Accept-Encoding
x-content-type-options: nosniff
x-permitted-cross-domain-policies: None
x-xss-protection: 1; mode=block

GET
H2 200 browser-perf.28a8c6b22b3c0474c577.js Show response
script.hotjar.com/ 4 KB
2 KB 7ms
6ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2138586
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1589
last-modified: Fri, 03 Nov 2023 10:23:46 GMT
etag: "d065ec1659ab8dbb93042fdf9a225634"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UcSIKEkj28nEy39oM1kS6HQQIsawYOdpdXLhUELYEVt_LDxslCLURg==

POST collect
proxy.tvsci.net/j/ 0
0

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 2904 18 KB
18 KB 14ms
14ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:30:01 GMT
age: 3431
x-guploader-uploadid: ABPtcPq0YEgpUz-5qsAvTvi3S9VMDObH3SCEwfFV-eF3xXUNH_vt7MIZVemp4_9EnpHjcru33aU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:30:01 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 2904 4 KB
4 KB 16ms
15ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:51:13 GMT
age: 2159
x-guploader-uploadid: ABPtcPrgCc7t6wfxNL585I1M5ZmCvusqiii4gs8L4wpLe066fAunpszKi-p939V34Pj8H6ixGWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
last-modified: Mon, 06 Nov 2023 11:24:16 GMT
server: UploadServer
etag: "2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation: 1699269856296451
x-goog-hash: crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4169
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:51:13 GMT

GET
H2 200 352590 Show response
beacon.sojern.com/pixel/p/ Frame 2904 4 KB
1 KB 66ms
17ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/352590?f_v=v6_js&p_v=1&id=352590&cid=https%3A%2F%2Fwww.blueharborresort.com%2F&f_v=v6_js&p_v=1&version=5&ws=1600x1200&tz=-60&vid=hot&domain=https%3A%2F%2Fwww.blueharborresort.com%2F&s=ccid_ga%7Cccid_auto&ccid=2039628745.1701145632%7C10t4i-no8cx-djh2i-gr9hc-zbhey&ref=https%3A%2F%2Fwww.blueharborresort.com%2F&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 6e932b897fa963e267253f1604935035e30c6812ebbdafc3ccd792826211dbc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 838

GET
H3 200 splus Show response
static.sojern.com/cip/w/ Frame E544 2 KB
2 KB 8ms
8ms Document
text/html 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/w/splus?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e887364143c0f8c83b3080f5266d1c5295089a3e96c26f826ef2520104f2f20f

Request headers

Referer: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 1710
content-type: text/html
date: Tue, 28 Nov 2023 04:24:59 GMT
etag: "c9e76e09d10a4fa3d08dc404a7c07514"
expires: Tue, 28 Nov 2023 05:24:59 GMT
last-modified: Mon, 17 Jul 2023 15:50:27 GMT
server: UploadServer
x-goog-generation: 1689609027430970
x-goog-hash: crc32c=MFptag== md5=yeduCdEKT6PQjcQEp8B1FA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1710
x-guploader-uploadid: ABPtcPq_6LJ3jv_ePU6_WvvnPON97NqW4K02_DdnNvNXftL8OMwR2AY1lFpOlpZ49AIf162bSvk

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame E544 18 KB
18 KB 11ms
10ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/splus?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/splus?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:30:01 GMT
age: 3431
x-guploader-uploadid: ABPtcPq0YEgpUz-5qsAvTvi3S9VMDObH3SCEwfFV-eF3xXUNH_vt7MIZVemp4_9EnpHjcru33aU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:30:01 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame E544 4 KB
4 KB 12ms
12ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/splus?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/splus?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:51:13 GMT
age: 2159
x-guploader-uploadid: ABPtcPrgCc7t6wfxNL585I1M5ZmCvusqiii4gs8L4wpLe066fAunpszKi-p939V34Pj8H6ixGWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
last-modified: Mon, 06 Nov 2023 11:24:16 GMT
server: UploadServer
etag: "2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation: 1699269856296451
x-goog-hash: crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4169
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:51:13 GMT

GET
H2

200

src=13063570;dc_pre=CPGNlant5YIDFfYOogMdNOUOhA;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;...
adservice.google.com/ddm/fls/z/ Frame 2904
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=13063570;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
https://ad.doubleclick.net/ddm/activity/src=13063570;dc_pre=CPGNlant5YIDFfYOogMdNOUOhA;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=...
https://adservice.google.com/ddm/fls/z/src=13063570;dc_pre=CPGNlant5YIDFfYOogMdNOUOhA;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;...

42 B
401 B

96ms
47ms

Image
image/gif

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=13063570;dc_pre=CPGNlant5YIDFfYOogMdNOUOhA;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=13063570;dc_pre=CPGNlant5YIDFfYOogMdNOUOhA;type=homep0;cat=blueh0;qty=1;cost=0;u1=https%253A%252F%252Fwww.blueharborresort.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 2904
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoR...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoR...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_&sjrn_ula=7714470693&google_gid=CAESEG7y7KdYPWyRRmqNff2IHlw&google_cver=1

42 B
273 B

18ms
17ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_&sjrn_ula=7714470693&google_gid=CAESEG7y7KdYPWyRRmqNff2IHlw&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_&sjrn_ula=7714470693&google_gid=CAESEG7y7KdYPWyRRmqNff2IHlw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 2904
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=VkkheZjjgYgjbPcYaE157g&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDoorGWnqz0BISltychLq5dhImACFiiaWVxDJy0EuS8tD-paqwfn0xypgdL2PalwqEPU187OCWB48hRSPpkcCblfo1Rcu6Et8x0iH17CYMLKwfsaR-GY
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoorGWnqz0BISltychLq5dhImACFiiaWVxDJy0EuS8tD-paqwfn0xypgdL2PalwqEPU187OCWB48hRSPpkcCblfo1Rcu6Et8x0iH17CYMLKwfsaR-GY

170 B
432 B

128ms
56ms

Image
image/png

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoorGWnqz0BISltychLq5dhImACFiiaWVxDJy0EuS8tD-paqwfn0xypgdL2PalwqEPU187OCWB48hRSPpkcCblfo1Rcu6Et8x0iH17CYMLKwfsaR-GY

Requested by

Protocol

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoorGWnqz0BISltychLq5dhImACFiiaWVxDJy0EuS8tD-paqwfn0xypgdL2PalwqEPU187OCWB48hRSPpkcCblfo1Rcu6Et8x0iH17CYMLKwfsaR-GY
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 2904
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DLLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_
https://pixel.sojern.com/idsync/apn?id=8420947058824372655&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_

42 B
276 B

32ms
23ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=8420947058824372655&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
an-x-request-uuid: 7b22bdd4-b3be-4058-9958-c0116d4715a6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=8420947058824372655&sjrn_id=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2904 70 B
149 B 212ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=LLxx1to8rutfPPqg_lBBxvNslYfz5a_1KlXwcSdeUql93ziEqoRNiSLRdfuYB8y_&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

202

adf
pixel.sojern.com/idsync/ Frame 2904
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=56492179-98e3-8188-236c-f718684d79ee&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=56492179-98e3-8188-236c-f718684d79ee&party=1296
https://pixel.sojern.com/idsync/adf?adfid=938876790558359484&cid=56492179-98e3-8188-236c-f718684d79ee

0
14 B

18ms
17ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=938876790558359484&cid=56492179-98e3-8188-236c-f718684d79ee
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=352590&f_v=v6_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.blueharborresort.com%2F&auto_ccid=10t4i-no8cx-djh2i-gr9hc-zbhey&auto_ga=2039628745.1701145632&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&vid=hot&cid=
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Nov 2023 04:27:12 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=938876790558359484&cid=56492179-98e3-8188-236c-f718684d79ee
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 jquery-1.11.1.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 94 KB
33 KB 317ms
300ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-1.11.1.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 33266
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2443453756"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 reset.css
fb.ongfb.com/media/d63d8075/ongage/css/ Frame 65D6 6 KB
3 KB 80ms
62ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/css/reset.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

16207daf475d8548c66ceaa9914f8a8a8f0e49395a166cd6b16dd0825760c0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2522
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "297456744"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery-ui.structure.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-ui-1.12.1.custom/ Frame 65D6 18 KB
6 KB 48ms
31ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-ui-1.12.1.custom/jquery-ui.structure.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

be04cb97796cfbb0a9344440f7115313eabc509096f1103b09c1a007dc6e1c0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 5524
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "4124968255"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery-ui.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-ui-1.12.1.custom/ Frame 65D6 35 KB
9 KB 78ms
61ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-ui-1.12.1.custom/jquery-ui.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d4820ee2968dfcb7b9c5816a9dcebe2973c521d37388a74d7e1f58fb5fdb128b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 8384
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "854348688"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 bootstrap.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/bootstrap/css/ Frame 65D6 10 KB
3 KB 138ms
121ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/bootstrap/css/bootstrap.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

698cb2b6d9bd7aee8074fc03e8cf764485f9a16bd1a40a5ac52fd853a29d36b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2553
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3633038578"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 bootstrap-custom.css
fb.ongfb.com/media/d63d8075/ongage/css/ Frame 65D6 2 KB
1 KB 81ms
64ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/css/bootstrap-custom.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

70070e096fa3fa85874688ac2b3a4fcc9a60753081fa205d2dffe19803e55c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 724
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "410684010"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 font-awesome.min.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/fontawesome/css/ Frame 65D6 25 KB
5 KB 138ms
122ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fontawesome/css/font-awesome.min.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 4991
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1748366093"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 chosen.min.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/chosen/ Frame 65D6 11 KB
2 KB 82ms
65ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/chosen/chosen.min.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9316779827b1e4c279b179fab2937968a9d9fe4265eb3fe1bc728e3dcbbcec6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2195
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2452042291"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 animate.min.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/animate.css/ Frame 65D6 56 KB
5 KB 139ms
123ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/animate.css/animate.min.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 4205
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2041778281"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 screen.css
fb.ongfb.com/media/d63d8075/ongage/compiled/ Frame 65D6 1021 KB
105 KB 88ms
72ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

095b0c3f86adf23892a3bc927388c719fb4c3263dc5f114bfa703ce18f55b0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 106816
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2605423198"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.fileupload.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/css/ Frame 65D6 655 B
817 B 138ms
122ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/css/jquery.fileupload.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8e49019c2903d7a88be4d6748ad01511cd70bdebe4587eb3eff79d28d4522f65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 398
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1333942113"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.fileupload-ui.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/css/ Frame 65D6 1 KB
949 B 277ms
262ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/css/jquery.fileupload-ui.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4345ed13477289dc6b9ebc599b65b0fae32ef131a5ae9668a142b59a6e52beb0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 530
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3701687535"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 underscore.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 44 KB
13 KB 139ms
123ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/underscore.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7752a8498b0c515609cfb1c62bbf3e50cc27fce6445e6f00283b1ef344283aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 12827
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "41325536"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery-ui-1.12.1.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 248 KB
67 KB 315ms
300ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-ui-1.12.1.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

47816affdf347eca7c96c986ace348336acf104fa96dfdb5768048e1b1c84ef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 67786
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3149340501"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery-ui-timepicker-addon.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 41 KB
10 KB 139ms
124ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-ui-timepicker-addon.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

52a903bd01afd5bd26fa4a4a6819705351157dde0d15b07eb96114eceedbd671

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 9460
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1540493418"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 chosen.jquery.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/chosen/ Frame 65D6 44 KB
9 KB 315ms
300ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/chosen/chosen.jquery.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f80f2593c87a8e69741e7f28274cd6118a0eb1862b2835c07087ef5e837434e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 8475
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3908273513"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 toastr.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/toastr/ Frame 65D6 5 KB
2 KB 139ms
124ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/toastr/toastr.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2013
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "4221900125"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.maskedinput.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 4 KB
2 KB 315ms
301ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery.maskedinput.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d83d7a89f71a3d6d74d2e2571d5246e6ab63654aab03276a1b88cd0baf64ff1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1935
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1427557465"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.formalize.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 5 KB
2 KB 140ms
126ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery.formalize.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ee944fb9738901b4000468feae700c4e3c650a2a9bf00363af984066a9a08c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1574
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1719779829"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.cookie.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 2 KB
1 KB 316ms
301ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery.cookie.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 703
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3375500379"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 json2.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 3 KB
2 KB 138ms
124ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/json2.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

11d0466c10c8428c69ee0ea46bb152a570068202cecdc34337c48661f72dfd3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1372
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2847982570"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 mustache.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 16 KB
5 KB 316ms
302ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/mustache.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6cf443a24bcfa0e8e1c07ebb84604d506b21f4383de627ab2ec37969796cf8a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 4806
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "4167290921"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 icanhaz-no-mustache.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 1 KB
994 B 138ms
124ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/icanhaz-no-mustache.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a4acaed676f896b77bbfab389d95b48878877781f1f9cc6e25f2a30ee1675a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 624
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "4274947575"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 bootstrap.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/bootstrap/js/ Frame 65D6 19 KB
5 KB 317ms
303ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/bootstrap/js/bootstrap.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4e3b0fcfa7f4fc8021bbcc8c481bb466f3c8cbd296077f32a6a02124cab75aaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 4859
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "648933406"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.pagination.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 8 KB
3 KB 138ms
125ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery.pagination.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e4070f447bb729357fc249ddcc66bd9896950197926a19e1dba980d5716fa4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2532
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "891591663"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 highcharts.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 151 KB
56 KB 317ms
304ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/highcharts.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4928aae3a53f803c64fe71e79f8dc5d0fb893194ecf8204675c852f2a6341e54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 56613
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1600133462"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 exporting.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 11 KB
4 KB 138ms
125ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/exporting.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

de0842a87f83cb5098219a6bd9d355432480c3dda2f21e3952dc042896e4379a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 4100
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2074316863"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery-filestyle.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 6 KB
2 KB 317ms
305ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/jquery-filestyle.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d738e4b9fef87f0bc4f6ebae41d0c571cd4a7235ba749c45dd985a500793f001

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1677
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "4252080217"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 htmltotext.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 6 KB
3 KB 137ms
125ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/htmltotext.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0b761ee59d5c017d6780c5b61498634ed3024e7fcdcfdddc803afba53fd600b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2390
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3858858485"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 moment.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/ Frame 65D6 50 KB
17 KB 318ms
305ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/moment.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f6bd69d74f6854a6b65ba9c0207f5aa488f1727b1f0b5dbc37c1ed392ce2cc63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 16770
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2025902186"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 charterize.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 45 KB
12 KB 137ms
125ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/charterize.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ae8eed91bc77d108ce6e4050d9fe25f87be984c16d0af7388959c498fb75ee0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 11787
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3643286476"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 charts.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 22 KB
3 KB 318ms
306ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/charts.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dbd3318ae2d13d394ae7b472ab703cb3c82a5f9acc3eb9346a54a86f5ad87bc3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2605
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3907142922"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 app.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 24 KB
8 KB 138ms
127ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/app.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcbafc221a3fa9901b2bf06438ba14b5a53a0a6878eb88e2e5914fea2eeefd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 7704
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2667586437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 _widgets.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 377 KB
94 KB 318ms
307ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/_widgets.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f50d07cae2d757e23000a99f2daea0a2895f66ea3dd883f290a70cc3d83b7f99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 96229
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2321419583"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 notices.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 4 KB
2 KB 138ms
127ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/notices.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

22494e4f7ae8a93b42105fffc7f6cf8cd18d52121cb76acf512229cdfbdf109b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1600
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1459199592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 helpers.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 54 KB
14 KB 318ms
307ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/helpers.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

11de2ae9cc5730bf0eafa148df538b3cb3b50549aa9ba7874f12b52a0e319c81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 14383
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1565721977"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 _init.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 22 KB
7 KB 136ms
126ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/_init.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

33603fb7b12a041636d48dda872594e25b4069e9a5d35ffc82b02706f13a6fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 7276
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "532882310"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 _frontend.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 2 KB
1 KB 319ms
309ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/_frontend.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

93b98dce5805ce783319c0d38b0c93eb23e5307d56a7449b3e5a0042ce84ac07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 857
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3548303199"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.multiselect.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/ Frame 65D6 10 KB
4 KB 136ms
126ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/jquery.multiselect.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d596c660b0a67f5c078dcad81342b5c54c4c96e5b99e2a9789962aa99a89718d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 3541
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1661821854"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.multiselect.filter.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/filter/ Frame 65D6 5 KB
2 KB 319ms
310ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/filter/jquery.multiselect.filter.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

af292d90fc6db157f9823ee4ef7da9b444f2e75789944a23a88a67f9e52fd023

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2099
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3927330540"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.multiselect.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/ Frame 65D6 2 KB
907 B 132ms
123ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/jquery.multiselect.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a6c6ceace347485b84ee2935d117867a0a5beaab74226b53c315f3e79873630e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 547
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "3410219626"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.multiselect.filter.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/filter/ Frame 65D6 326 B
627 B 308ms
299ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/multiselect/filter/jquery.multiselect.filter.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3ac8a33da3d0080359954f4e75e1b62384e6731524a9b8c53b64ac260a961ea5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 208
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1377900321"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 select2.min.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/select2/dist/css/ Frame 65D6 15 KB
2 KB 132ms
123ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/select2/dist/css/select2.min.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3c8455b1a3f825d57f4c87f5151f141f2e13161f8b891a9e725617bc23c17a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1992
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "486601265"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 select2.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/select2/dist/js/ Frame 65D6 144 KB
32 KB 135ms
127ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/select2/dist/js/select2.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6488155f0b34252cb1cb53a6a86785614b1fa0daf6d87da8e1d325141aca2d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 32649
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2028199241"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 load-image.all.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/load-image/ Frame 65D6 16 KB
6 KB 319ms
311ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/load-image/load-image.all.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

594036c428b463df1ebd7bd6075e341cbb5a6969b10934834ad8cceecac0a40d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 5809
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "786838444"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 canvas-to-blob.min.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/canvas-to-blob/ Frame 65D6 1 KB
896 B 135ms
128ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/canvas-to-blob/canvas-to-blob.min.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

41550d30f9f9de7d51d2735ec1cd61c94fc23d9fd2953a2e0dd94a89ddf52665

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 526
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2087847923"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.iframe-transport.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/ Frame 65D6 10 KB
3 KB 319ms
311ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/jquery.iframe-transport.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e127082f8c4e76952f5a8e1e9a0c2731372ca3f7d800fa9a5ec1bed0a516c2a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2832
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "463655742"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.fileupload.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/ Frame 65D6 62 KB
13 KB 135ms
128ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/jquery.fileupload.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

326007a66ec2d56dd52fee86631021c416be2745ae96994e56227fa76b27b98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 13309
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1563354095"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.fileupload-process.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/ Frame 65D6 6 KB
2 KB 319ms
312ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/jquery.fileupload-process.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b2444e4810920afbf507f775e26dbe16d39c50e2bc959ddac75295f9b12a4fbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1660
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1606668277"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.fileupload-validate.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/ Frame 65D6 4 KB
2 KB 135ms
128ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/jquery.fileupload-validate.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e12b5b0387a5de9d48dd397e776f04c7df8c25bef97884de21896169f30eb87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1298
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1589041768"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 jquery.fileupload-image.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/ Frame 65D6 12 KB
3 KB 319ms
313ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/fileupload/js/jquery.fileupload-image.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2f3a8c4f9df2686a979ae995a83337c451aa9b74b71b8be4500faa506fd3bdd1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2591
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1321390122"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 fileupload.js Show response
fb.ongfb.com/media/d63d8075/ongage/js/ Frame 65D6 21 KB
5 KB 134ms
129ms Script
application/javascript 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/fileupload.js

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

94388e091b9fb03e10ac6d794918b7e396cee2163b215c5b4861c61b4224e249

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:12 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 4995
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "4034601902"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 formalize.css
fb.ongfb.com/media/d63d8075/ongage/css/ Frame 65D6 9 KB
3 KB 34ms
32ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/css/formalize.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa1d1425c0f61bc5be40a552b14d369dd11b84940acc0e9db0f2df8ad8f4a760

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:13 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2525
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "899669615"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:13 GMT

GET
H2 200 jquery.dataTables.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-dt/css/ Frame 65D6 15 KB
3 KB 33ms
31ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-dt/css/jquery.dataTables.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fd5a1153f51609f3820efd93e240f094f049ac5a36a8c97d5337396619fe1e01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:13 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 2312
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2079475001"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:12 GMT

GET
H2 200 fixedHeader.dataTables.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-fixedheader-dt/css/ Frame 65D6 318 B
532 B 34ms
32ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-fixedheader-dt/css/fixedHeader.dataTables.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bdfa016be6eabc7b06a461a4de814b3c3eff78f81b5d488baac27292bc5bca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:13 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 172
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2018634041"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:13 GMT

GET
H2 200 buttons.dataTables.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-buttons-dt/css/ Frame 65D6 10 KB
2 KB 34ms
33ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-buttons-dt/css/buttons.dataTables.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0847edd008235098153f8316b87bb43e9408868cad505759ff74fb0085e8d4ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:13 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 1730
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "1512937971"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:13 GMT

GET
H2 200 colReorder.dataTables.css
fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-colreorder-dt/css/ Frame 65D6 213 B
529 B 34ms
33ms Stylesheet
text/css 52.211.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.ongfb.com/media/d63d8075/ongage/js/libs/datatables.net-colreorder-dt/css/colReorder.dataTables.css

Requested by

Host: fb.ongfb.com
URL: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-56-53.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a8056904aa2d674b1cbaa62a1f27bfd3735ab528f9f085576e6c1002389f7c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.ongfb.com/media/d63d8075/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:13 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: None
p3p: CP='CAO PSA OUR'
content-length: 169
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 10:41:37 GMT
server: nginx
etag: "2002849173"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 04:27:13 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 16ms
15ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJ5FGH&v=3&t=t&pid=172200511&cv=5&rv=3b81&tc=9&es=1&e=gtm.load&eid=16&u=AgAAAAAAAAAAAACA&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueharborresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:27:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tvsciapi.com
URL: https://pixel.tvsciapi.com/pixel?l=tvscientific-pix-o-094bba59-e5fe-4633-9b86-9623cc6095bb

Domain: fb.ongfb.com
URL: https://fb.ongfb.com/list/forms_preview/?tk=833318660_9a3233221d316218ccacce6df3ae67581caaec9e90ab7863ac8093bdd928ff73

Domain: proxy.tvsci.net
URL: https://proxy.tvsci.net/j/collect?v=1&_v=j101&a=394772107&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.blueharborresort.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Blue%20Harbor%20Resort%20in%20Sheboygan%2C%20WI%20%7C%20Blue%20Harbor%20Resort%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUIRAAAAAGAAII~&jid=194956962&gjid=785572190&cid=2039628745.1701145632&tid=UA-26371103-1&_gid=733618013.1701145632&_fplc=0&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=tvscientific-pix-e-dc7402ca-bd6d-4e2e-bdf3-1846f67f75d7&jsscut=1&z=1881550558

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blueharborresort.com/	1970-01-20 16:33:52	Name: _gid Value: GA1.2.733618013.1701145632
.blueharborresort.com/	1970-01-20 16:32:25	Name: _gat Value: 1
.blueharborresort.com/	1970-01-20 16:32:25	Name: _gat_UA-26371103-1 Value: 1
.blueharborresort.com/	1970-01-21 02:08:25	Name: _ga_XJNQD650F0 Value: GS1.1.1701145632.1.0.1701145632.60.0.0
.blueharborresort.com/	1970-01-20 18:42:01	Name: _fbp Value: fb.1.1701145632145.563845804
.blueharborresort.com/	1970-01-21 01:18:01	Name: _hjSessionUser_2799914 Value: eyJpZCI6ImM2ZmEwZTM5LTFlMWMtNTI2OC1hMDFkLTdkNjY5ZWUyNTczMiIsImNyZWF0ZWQiOjE3MDExNDU2MzIyOTQsImV4aXN0aW5nIjpmYWxzZX0=
.blueharborresort.com/	1970-01-20 16:32:27	Name: _hjFirstSeen Value: 1
.blueharborresort.com/	1970-01-20 16:32:27	Name: _hjIncludedInSessionSample_2799914 Value: 0
.blueharborresort.com/	1970-01-20 16:32:27	Name: _hjSession_2799914 Value: eyJpZCI6ImE5NzkwMmM3LTI1N2EtNDc3Ny05NGQyLWY4Nzk4MjU2ZTllNCIsImNyZWF0ZWQiOjE3MDExNDU2MzIyOTUsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.blueharborresort.com/	1970-01-20 16:32:27	Name: _hjAbsoluteSessionInProgress Value: 0
.blueharborresort.com/	1970-01-21 02:08:25	Name: _ga Value: GA1.2.2039628745.1701145632
.blueharborresort.com/	1970-01-20 16:32:25	Name: _gat_gtag_UA_26371103_1 Value: 1
.adnxs.com/	1970-01-20 18:42:01	Name: uuid2 Value: 8420947058824372655
.sojern.com/	1970-01-21 01:18:01	Name: cid Value: 56492179-98e3-8188-236c-f718684d79ee#1701129600000
.sojern.com/	1970-01-20 18:42:01	Name: apnid Value: 8420947058824372655
.adform.net/	1970-01-20 17:15:37	Name: C Value: 1
.doubleclick.net/	1970-01-21 01:54:01	Name: IDE Value: AHWqTUmXr9PXSFil4AKjQsA8GiD3vQyQHr0O-HugBtx4B1e4cGY2kkf4TZTR3JSFxxU
.adform.net/	1970-01-20 17:58:49	Name: uid Value: 938876790558359484
.sojern.com/	1970-01-21 01:18:01	Name: gid Value: CAESEG7y7KdYPWyRRmqNff2IHlw
.sojern.com/	1970-01-21 01:18:01	Name: adfid Value: 938876790558359484

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://placem.at/things?w=343&h=433&random=101 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=37 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=12 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=292 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=11 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=20 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=22 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=21 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=14 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=30 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=29 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=169 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=34 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=28 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=80 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=253 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=277 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=35 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=319 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=151 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=217 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=248 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=15 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=176 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=119 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=16 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=18 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=158 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=25 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=210 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=274 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=24 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=33 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=102 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=117 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=26 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=254 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://placem.at/things?w=343&h=433&random=259 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://pixel.tvsciapi.com/pixel?l=tvscientific-pix-o-094bba59-e5fe-4633-9b86-9623cc6095bb Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.blueharborresort.com/_resources/themes/blueharbor/dist/images/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.blueharborresort.com/ Message: Access to XMLHttpRequest at 'https://proxy.tvsci.net/j/collect?v=1&_v=j101&a=394772107&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.blueharborresort.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Blue%20Harbor%20Resort%20in%20Sheboygan%2C%20WI%20%7C%20Blue%20Harbor%20Resort%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUIRAAAAAGAAII~&jid=194956962&gjid=785572190&cid=2039628745.1701145632&tid=UA-26371103-1&_gid=733618013.1701145632&_fplc=0&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=tvscientific-pix-e-dc7402ca-bd6d-4e2e-bdf3-1846f67f75d7&jsscut=1&z=1881550558' from origin 'https://www.blueharborresort.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://proxy.tvsci.net/j/collect?v=1&_v=j101&a=394772107&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.blueharborresort.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Blue%20Harbor%20Resort%20in%20Sheboygan%2C%20WI%20%7C%20Blue%20Harbor%20Resort%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUIRAAAAAGAAII~&jid=194956962&gjid=785572190&cid=2039628745.1701145632&tid=UA-26371103-1&_gid=733618013.1701145632&_fplc=0&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=tvscientific-pix-e-dc7402ca-bd6d-4e2e-bdf3-1846f67f75d7&jsscut=1&z=1881550558 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
beacon.sojern.com
blueharbor.vulcan.dynamicservr.com
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
fb.ongfb.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
match.adsrvr.org
p.typekit.net
pix.pub
pixel.sojern.com
pixel.tvsciapi.com
placem.at
proxy.tvsci.net
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
static.sojern.com
stats.g.doubleclick.net
use.typekit.net
www.blueharborresort.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
fb.ongfb.com
pixel.tvsciapi.com
proxy.tvsci.net
104.239.198.171
107.178.244.119
13.32.27.54
142.250.185.166
143.204.215.113
15.197.193.217
172.217.18.2
18.66.97.10
2001:4860:4802:32::36
23.253.164.218
2606:4700:3037::ac43:d68e
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9c
2a02:26f0:3500:16::215:1490
2a02:26f0:780::210:a419
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.244.188.9
37.157.3.20
37.252.171.85
52.211.56.53
00a481035a5cc1aec267006b0aea236678a8003f02f7734d909325c72fadebb4
0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba
0251851897929037e98c54332224139ae5b01ff02b187bb65650bbf19246a5d1
05e03cda2d3ed40f6615cee5722f9f3ecc945b4b607b99cf3ce706b24cea1eac
07e9b8faeda8b1f557097112fd4cd0c85c0672b806ab1cdee25cc3d33a1e5224
0847edd008235098153f8316b87bb43e9408868cad505759ff74fb0085e8d4ab
095b0c3f86adf23892a3bc927388c719fb4c3263dc5f114bfa703ce18f55b0f4
0b68242e0f4c901eafcaa14b7da92a1e0a5278f1dfa9c496a763ba762fc9e92f
0b761ee59d5c017d6780c5b61498634ed3024e7fcdcfdddc803afba53fd600b8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bde94fcc7e5edc55b3a3757a86dbacfe99bccd136d91f168befd4f849776abd
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
11d0466c10c8428c69ee0ea46bb152a570068202cecdc34337c48661f72dfd3e
11de2ae9cc5730bf0eafa148df538b3cb3b50549aa9ba7874f12b52a0e319c81
13305ab5468ea6ba5fa1d0d948c9375b791485f9a209808b21d912b15c8628a6
16207daf475d8548c66ceaa9914f8a8a8f0e49395a166cd6b16dd0825760c0e4
1bda9d474ed0e632da1b00d16d986f19c629b1fdd2c5786447166a8c50219028
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
22494e4f7ae8a93b42105fffc7f6cf8cd18d52121cb76acf512229cdfbdf109b
238579e44cd606f06d8266d6233a0e6330ab5ad1a5a83cc571a40c797437175a
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38
29a60f491099b8dac773328e3a4a508510a628332012bb9c91662c512e12dcd1
2f3a8c4f9df2686a979ae995a83337c451aa9b74b71b8be4500faa506fd3bdd1
2f9c1ee2ed029fe12903be687f1dfe639e8addc2a16b24778eb962fa80a7257b
305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
326007a66ec2d56dd52fee86631021c416be2745ae96994e56227fa76b27b98d
33603fb7b12a041636d48dda872594e25b4069e9a5d35ffc82b02706f13a6fba
3ac8a33da3d0080359954f4e75e1b62384e6731524a9b8c53b64ac260a961ea5
3b58308299ab80ae2921d8ffbb1d3f70fd13369b95e47376a5a8d980209ca895
3c8455b1a3f825d57f4c87f5151f141f2e13161f8b891a9e725617bc23c17a2c
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
41550d30f9f9de7d51d2735ec1cd61c94fc23d9fd2953a2e0dd94a89ddf52665
4345ed13477289dc6b9ebc599b65b0fae32ef131a5ae9668a142b59a6e52beb0
44c8b7afdf7bbc10af9a099b1a24080acbe6ccbf641921c570a63a9f9c6da35d
47816affdf347eca7c96c986ace348336acf104fa96dfdb5768048e1b1c84ef3
47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496
4928aae3a53f803c64fe71e79f8dc5d0fb893194ecf8204675c852f2a6341e54
4e3b0fcfa7f4fc8021bbcc8c481bb466f3c8cbd296077f32a6a02124cab75aaa
51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db
52a903bd01afd5bd26fa4a4a6819705351157dde0d15b07eb96114eceedbd671
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
594036c428b463df1ebd7bd6075e341cbb5a6969b10934834ad8cceecac0a40d
5bff6c91b426f72d50d041c24d1806040d4d0d355e9aafef5b288a4c3d00d595
5dd6fb7eaf56091d4cc90b0d2651af62fcea605bba5cfa35e19d5a072a95c235
5fd7b42825141fc0887eeceb002d285ee873fd29a17e7ac60252099ada7b2185
617ab5f24ff6e9616ecce313b1760fd1ba0afd6c56677ae59a2ffdf44a1e84a7
6488155f0b34252cb1cb53a6a86785614b1fa0daf6d87da8e1d325141aca2d45
67ba5f5be884aa1cf25cb14fff81cac1c9e1efd55c0892586d8f66120649a727
698cb2b6d9bd7aee8074fc03e8cf764485f9a16bd1a40a5ac52fd853a29d36b3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf443a24bcfa0e8e1c07ebb84604d506b21f4383de627ab2ec37969796cf8a9
6e932b897fa963e267253f1604935035e30c6812ebbdafc3ccd792826211dbc2
70070e096fa3fa85874688ac2b3a4fcc9a60753081fa205d2dffe19803e55c4e
75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5
7752a8498b0c515609cfb1c62bbf3e50cc27fce6445e6f00283b1ef344283aa1
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
84a14bb6625f50eb55e1b58463239aebef340255ea93927d7cfa829db2106f3d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b47d0828b77d14a9b23472ac7a4a106d1a5fec7017e60bcbbac6fae54ae51ee
8c31709e02eb4bfef3dd9542f97c417e85ca3a3cad0a42a858763f8c1fa1517a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e49019c2903d7a88be4d6748ad01511cd70bdebe4587eb3eff79d28d4522f65
90b273829201c8e7b46d67cefeea02a6b68ef0f86ccd2e071ec2bdea2dd51772
9165bdd896adffda72f62e0632a5dcd10abc2a0dc846650131610738ab65909e
91bd054e11ce272a3fa39c1f454bfcbc9ea58cf8d2f5c514adc2488ff79ead90
9316779827b1e4c279b179fab2937968a9d9fe4265eb3fe1bc728e3dcbbcec6e
93b98dce5805ce783319c0d38b0c93eb23e5307d56a7449b3e5a0042ce84ac07
94388e091b9fb03e10ac6d794918b7e396cee2163b215c5b4861c61b4224e249
98a469805e673a0f6fc304b1770a29d31ef8cd917c6825e5332cb2327e87487f
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
a47d579479be8c35c0564665834524dcc1ae577b7baa48054ae750c59b86db59
a4acaed676f896b77bbfab389d95b48878877781f1f9cc6e25f2a30ee1675a23
a6c6ceace347485b84ee2935d117867a0a5beaab74226b53c315f3e79873630e
a8056904aa2d674b1cbaa62a1f27bfd3735ab528f9f085576e6c1002389f7c55
aa1d1425c0f61bc5be40a552b14d369dd11b84940acc0e9db0f2df8ad8f4a760
ae8eed91bc77d108ce6e4050d9fe25f87be984c16d0af7388959c498fb75ee0d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af292d90fc6db157f9823ee4ef7da9b444f2e75789944a23a88a67f9e52fd023
b22e57d165fd2229977db61580d456770d4bcfda00f16ee513f28b335e8ab0aa
b2444e4810920afbf507f775e26dbe16d39c50e2bc959ddac75295f9b12a4fbc
bdfa016be6eabc7b06a461a4de814b3c3eff78f81b5d488baac27292bc5bca26
be04cb97796cfbb0a9344440f7115313eabc509096f1103b09c1a007dc6e1c0f
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c941f5254d66313d93bd84763f0b743a50f8bcb60b5911c89fae5ffe7687b340
ca005516a5713e4da3d2534cdde774712d282001837a403f5c00d67fe3c45f54
d00de694853048e37cf8deceb09190e64c4da8f89a623b391b1176649f0b290c
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d4820ee2968dfcb7b9c5816a9dcebe2973c521d37388a74d7e1f58fb5fdb128b
d596c660b0a67f5c078dcad81342b5c54c4c96e5b99e2a9789962aa99a89718d
d64e71ecde29d15c97afbe99bef3e7bdd0861fb8fe17ba75c480eedc4e9fb6c7
d71d12f5c4fb4751dd4aa62557ed9c052881f0d8df2b17f4aa68cc8d80d6c6a0
d738e4b9fef87f0bc4f6ebae41d0c571cd4a7235ba749c45dd985a500793f001
d83d7a89f71a3d6d74d2e2571d5246e6ab63654aab03276a1b88cd0baf64ff1c
db96cb80da924fa6d0a305d7c2c3086d915fc26631a9506cff60c6a3c43a29a3
dbd3318ae2d13d394ae7b472ab703cb3c82a5f9acc3eb9346a54a86f5ad87bc3
dcbafc221a3fa9901b2bf06438ba14b5a53a0a6878eb88e2e5914fea2eeefd92
de0842a87f83cb5098219a6bd9d355432480c3dda2f21e3952dc042896e4379a
de0d257adb0a92184dc6787fa952bb181e9842b66915e16430012af7dca91bb1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e127082f8c4e76952f5a8e1e9a0c2731372ca3f7d800fa9a5ec1bed0a516c2a9
e12b5b0387a5de9d48dd397e776f04c7df8c25bef97884de21896169f30eb87f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4070f447bb729357fc249ddcc66bd9896950197926a19e1dba980d5716fa4ba
e70288e989afaf46c5e8c678a4ca297bf1fb53684d10e1d1d17e726b56e2e289
e887364143c0f8c83b3080f5266d1c5295089a3e96c26f826ef2520104f2f20f
e93ba7febc83a67e6e81e7f4b9312e3e237bf1b540a3ba1e0a18a1c00855ceea
ea6b66924b44e971aa60b799d880bdffb7fef9af0f99ca383a9907bc222186a3
ee944fb9738901b4000468feae700c4e3c650a2a9bf00363af984066a9a08c3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f50d07cae2d757e23000a99f2daea0a2895f66ea3dd883f290a70cc3d83b7f99
f6bd69d74f6854a6b65ba9c0207f5aa488f1727b1f0b5dbc37c1ed392ce2cc63
f80f2593c87a8e69741e7f28274cd6118a0eb1862b2835c07087ef5e837434e3
fd5a1153f51609f3820efd93e240f094f049ac5a36a8c97d5337396619fe1e01
ff8e04ca69878bf812ef1527e9adbbe47282ce0139485a1080e4810e730d2064

www.blueharborresort.com Open in urlscan Pro 23.253.164.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

96 %HTTPS

55 %IPv6

23 Domains

32 Subdomains

24 IPs

5 Countries

23208 kBTransfer

27210 kBSize

20 Cookies

9 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.blueharborresort.com Open in urlscan Pro
23.253.164.218 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

96 %
HTTPS

55 %
IPv6

23
Domains

32
Subdomains

24
IPs

5
Countries

23208 kB
Transfer

27210 kB
Size

20
Cookies

178 HTTP transactions
0 data transactions