urlscan.io logo urlscan.io
SecurityTrails logo

update4.s9.baernholdt.com Open in urlscan Pro
78.46.12.208  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.update4.s9.baernholdt.com/
Effective URL: https://update4.s9.baernholdt.com/
Submission: On February 17 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 17 domains to perform 47 HTTP transactions. The main IP is 78.46.12.208, located in Germany and belongs to HETZNER-AS, DE. The main domain is update4.s9.baernholdt.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 17th 2020. Valid for: 3 months.
This is the only time update4.s9.baernholdt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    78.46.12.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi5113.your-server.de
www.update4.s9.baernholdt.com
update4.s9.baernholdt.com
1    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    104.16.83.55 (United States)

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
2    104.18.73.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:eb:39c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
snap.licdn.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
www.google.co.uk
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net
www.googleadservices.com
Domain Requested by
26 update4.s9.baernholdt.com update4.s9.baernholdt.com
3 v2.zopim.com 2 redirects update4.s9.baernholdt.com
2 www.facebook.com update4.s9.baernholdt.com
2 www.gstatic.com update4.s9.baernholdt.com
www.gstatic.com
2 px.ads.linkedin.com 1 redirects update4.s9.baernholdt.com
2 connect.facebook.net update4.s9.baernholdt.com
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 ssl.google-analytics.com update4.s9.baernholdt.com
2 player.vimeo.com update4.s9.baernholdt.com
1 www.google.co.uk www.gstatic.com
1 ekr.zdassets.com static.zdassets.com
1 www.googleadservices.com www.gstatic.com
1 www.linkedin.com 1 redirects
1 www.google.de update4.s9.baernholdt.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 snap.licdn.com update4.s9.baernholdt.com
1 static.zdassets.com update4.s9.baernholdt.com
1 www.googletagmanager.com update4.s9.baernholdt.com
1 fonts.googleapis.com update4.s9.baernholdt.com
1 www.update4.s9.baernholdt.com 1 redirects
47 21

This site contains links to these domains. Also see Links.

Domain
tatarklubben.dk
my.eventbuizz.com
Subject Issuer Validity Valid
update4.s9.baernholdt.com
Let's Encrypt Authority X3		 2020-02-17 -
2020-05-17		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.vimeo.com
DigiCert SHA2 Secure Server CA		 2018-08-24 -
2020-04-02		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.zdassets.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-25 -
2021-05-31		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2021-06-29		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.zopim.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-06 -
2020-12-29		 3 years crt.sh

This page contains 3 frames:

Primary Page: https://update4.s9.baernholdt.com/
Frame ID: 40029C1EA5E50439231FB3A11F55701B
Requests: 46 HTTP requests in this frame

Frame: https://player.vimeo.com/video/315194264?autoplay=1&loop=1&title=0&byline=0&portrait=0
Frame ID: 569A50896733DF45E3390B4641CADA72
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 669FEA58A80C00EBF702BCD0AE2035F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.update4.s9.baernholdt.com/ HTTP 301
    https://update4.s9.baernholdt.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /v2\.zopim\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

72 %
IPv6

17
Domains

21
Subdomains

16
IPs

5
Countries

1740 kB
Transfer

3101 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.update4.s9.baernholdt.com/ HTTP 301
    https://update4.s9.baernholdt.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://v2.zopim.com/?5g3zyfL7m1x2qloWogf0cdsj1gGv4k22 HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 35
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=576142950&t=pageview&_s=1&dl=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&ul=en-us&de=UTF-8&dt=Tatarklubben%20-%20Brand%20Leaders%27%20Business%20Club&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=48141923.1246640331.1581952311.1581952311.1581952311.1&_utmz=48141923.1581952311.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1581952311216&_u=YQBCAAAB~&jid=920677210&gjid=199177356&cid=1246640331.1581952311&tid=UA-116967622-1&_gid=1985053564.1581952311&_r=1&gtm=2wg250MB486R9&z=195623499 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_gid=1985053564.1581952311&gjid=199177356&_v=j81&z=195623499 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_v=j81&z=195623499 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_v=j81&z=195623499&slf_rd=1&random=1698356061
Request Chain 36
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=594556&url=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&time=1581952311231 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D594556%26url%3Dhttps%253A%252F%252Fupdate4.s9.baernholdt.com%252F%26time%3D1581952311231%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=594556&url=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&time=1581952311231&liSync=true
Request Chain 44
  • https://v2.zopim.com/w?5g3zyfL7m1x2qloWogf0cdsj1gGv4k22 HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.326.js

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
update4.s9.baernholdt.com/
Redirect Chain
  • https://www.update4.s9.baernholdt.com/
  • https://update4.s9.baernholdt.com/
32 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
0a7e5c652b4eb7acff2d26e1168a4d279f019307c903df24f8e8f47c795c9753

Request headers

:method
GET
:authority
update4.s9.baernholdt.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Mon, 17 Feb 2020 15:11:50 GMT
server
Apache
link
<https://update4.s9.baernholdt.com/wp-json/>; rel="https://api.w.org/"
content-type
text/html; charset=UTF-8

Redirect headers

status
301
date
Mon, 17 Feb 2020 15:11:50 GMT
server
Apache
location
https://update4.s9.baernholdt.com/
content-length
0
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		5 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 15:11:51 GMT
server
ESF
date
Mon, 17 Feb 2020 15:11:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Feb 2020 15:11:51 GMT
unslider.css
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/css/unslider.css
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
607646543294c47e9a075786f12e4e8e0768014fcc0d8492c6b10f60c9910e66

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"699-59ec6ecca1c67"
content-type
text/css
status
200
accept-ranges
bytes
content-length
1689
bootstrap.css
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/css/ 		71 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/css/bootstrap.css
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
5a82081f95861e2860aceda7e3bd5edad68a5d80bf387b1e6b579e099a99d5d1

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"11be8-59ec6ecca1c67"
content-type
text/css
status
200
accept-ranges
bytes
content-length
72680
style.css
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/style.css?v=1.8
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
11b8aee65b2a632e65a2164514b58dab86a8513928b6510408390df767b21805

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"5845-59ec6ecca1c67"
content-type
text/css
status
200
accept-ranges
bytes
content-length
22597
front.min.css
update4.s9.baernholdt.com/wp-content/plugins/cookie-notice/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=4.6.17
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
6072346067391650cc9f1c7648c4b1db11072aa9972ad5b34c1e5911d33a0412

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"881-59ec6ecc3272c"
content-type
text/css
status
200
accept-ranges
bytes
content-length
2177
jquery.js
update4.s9.baernholdt.com/wp-includes/js/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:18 GMT
server
Apache
etag
"17a6a-59ec6ecdab65b"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
96874
jquery-migrate.min.js
update4.s9.baernholdt.com/wp-includes/js/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:18 GMT
server
Apache
etag
"2748-59ec6ecdab65b"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
10056
front.min.js
update4.s9.baernholdt.com/wp-content/plugins/cookie-notice/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.41
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
bd18bf9d0080e98d32c0b7154517e6da7fefa8bb128081ff69317f3660cead51

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"764-59ec6ecc3272c"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1892
jquery.min.js
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/js/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/js/jquery.min.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
f8e5351fc39356f8f94d7f334b11f9a0f44a67a9461bbd3e8be10cf44acdf780

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"1514d-59ec6ecca1c67"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
86349
unslider.js
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/js/unslider.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
dbb122e8d64002179151d4b885c054ab4673cafa5ae4ec2e46118c36c33a1efe

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"5cb4-59ec6ecca1c67"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
23732
iframeResizer.js
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/js/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/js/iframeResizer.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
b8f16b96bd1af8c9575921009711a7eaa6e1e2fbb14da40a631be143c3b4518a

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"85bc-59ec6ecca1c67"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
34236
tatarklubben_black.png
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/tatarklubben_black.png
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
14f017baccd074b8a7e08b03ab1c58986d5895b5716ecddd8b228a63e5bdb9b3

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"f8a9-59ec6ecc3466c"
content-type
image/png
status
200
accept-ranges
bytes
content-length
63657
signup_download_desktop.jpg
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/signup_download_desktop.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
6032822d046d80c22e95297341947d8c696f512922bb0ea3ceddfa9927204945

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"b68b-59ec6ecc3466c"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
46731
signup_download_mobile.jpg
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/signup_download_mobile.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
bac27517992f234085808a524c744317e75ca1ea003d03ab0cfb8bad2b6abd14

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"b7d0-59ec6ecc3466c"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
47056
menu-icon.svg
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/ 		600 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/menu-icon.svg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
0da29417832c99400a36aa9a599de9e63adfb9427994938d38a116232fdb64eb

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"258-59ec6ecca1c67"
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
600
Banner-wide.jpg
update4.s9.baernholdt.com/wp-content/uploads/2019/11/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/uploads/2019/11/Banner-wide.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
25917d86afcc9bb6629fe1b4bd0502642bf725895df56e1949c469987666ab2f

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:17 GMT
server
Apache
etag
"14b60-59ec6eccc9d05"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
84832
Banner-wide-1.jpg
update4.s9.baernholdt.com/wp-content/uploads/2019/11/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/uploads/2019/11/Banner-wide-1.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
05a76e3af8704137537b22ffa6eb30f2b710d9052c3831da3a388af721dd7132

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:17 GMT
server
Apache
etag
"1c819-59ec6ecccaca5"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
116761
Banner-Wide-Blockchain-for-Business.jpg
update4.s9.baernholdt.com/wp-content/uploads/2019/09/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/uploads/2019/09/Banner-Wide-Blockchain-for-Business.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
b0fd2c3318f89db804d550bcb181638c13b5f21cf17961eef4539b8568471837

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:17 GMT
server
Apache
etag
"1aa77-59ec6ecccfac5"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
109175
Banner-wide-3.jpg
update4.s9.baernholdt.com/wp-content/uploads/2019/11/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/uploads/2019/11/Banner-wide-3.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
84ae00fbdd8ed6280905ee3302c40106a6663684d45efa7524d2567e24c0c604

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:17 GMT
server
Apache
etag
"25b24-59ec6ecccbc45"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
154404
Banner-wide.jpg
update4.s9.baernholdt.com/wp-content/uploads/2020/02/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/uploads/2020/02/Banner-wide.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
be03c720add62150077960e86becb6c02d11ce7b0797a1ecc9585ecd63f9b67c

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"1996b-59ec6eccac846"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
104811
Couples-that-Work-Banner-wide.jpg
update4.s9.baernholdt.com/wp-content/uploads/2020/02/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/uploads/2020/02/Couples-that-Work-Banner-wide.jpg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
51824c4435b81912b4498254076dff7dc3c4d3075594e6aa22dfcbdf124e3574

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"17619-59ec6eccac846"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
95769
player.js
player.vimeo.com/api/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c889f8be02dd3f558aa62eecb48553fb5a306c9fff0951bd97ff3b40a46875e0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

X-Varnish-Cache
0
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Age
796
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Cache-Hits
1216
Connection
keep-alive
Content-Encoding
gzip
X-VServer
infra-playproxy-a-4
Content-Length
5193
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4042-HHN
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1581952311.255844,VS0,VE0
Date
Mon, 17 Feb 2020 15:11:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges
bytes
Expires
Mon, 17 Feb 2020 15:28:35 GMT
hbr-logo_neg.svg
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/images/hbr-logo_neg.svg
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
500fcaba89847438d309c7a2380f3b879c38e41ff74881d2d64910056dd305bd

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"4965-59ec6ecc336cc"
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
18789
wp-embed.min.js
update4.s9.baernholdt.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-includes/js/wp-embed.min.js?ver=4.6.17
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
66ec2c2139c31c4b7f71e43a6069d860a12c6b7015f90e17b2755f7ea5178016

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:18 GMT
server
Apache
etag
"57b-59ec6ecdac5fb"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1403
scripts.js
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/scripts.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
899bbe31b482c95a7c2e41207a1aa70a1f73ee821c1d09e5508ab6a279f51b33

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"12cf-59ec6ecca1c67"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4815
gtm.js
www.googletagmanager.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB486R9
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67d1b06fdeaf674411b567dded8bb52d98ce3fd0aed9181d6f7295359573712e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
23513
x-xss-protection
0
expires
Mon, 17 Feb 2020 15:11:51 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2237
date
Mon, 17 Feb 2020 14:34:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Mon, 17 Feb 2020 16:34:34 GMT
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?5g3zyfL7m1x2qloWogf0cdsj1gGv4k22
  • https://static.zdassets.com/ekr/asset_composer.js
24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9a091912e1429ac42793ae50ba42bf025d4d2a6cd4261fbd0fe546e7fdc04d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
content-encoding
br
cf-cache-status
HIT
age
16
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
A26C6FAD64800E8F
x-amz-id-2
pIG3ewRDYZ31gIKGW5A6cRgonb6NWT4BIJvm+R7wShJEhBlnVr0glefCvN5ZLHIsPtxEL+ovV9I=
last-modified
Fri, 14 Feb 2020 00:37:35 GMT
server
cloudflare
etag
W/"6084772ba40e90778e01c5e012eadcda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
1dThsIV8Gk17S8Ce6gK3X_kq0RhHNhBU
cf-ray
5668b239af10e640-LHR

Redirect headers

date
Mon, 17 Feb 2020 15:11:51 GMT
cf-cache-status
HIT
server
cloudflare
age
3912
location
https://static.zdassets.com/ekr/asset_composer.js
etag
"5e4a01c8-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
302
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
5668b2392c50354c-LHR
content-length
0
expires
Mon, 17 Feb 2020 18:06:39 GMT
wp-emoji-release.min.js
update4.s9.baernholdt.com/wp-includes/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-includes/js/wp-emoji-release.min.js?ver=4.6.17
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
29499e2b5d5cbd39647f55746440396d62f8c10c610e6e8bb4a2587030d986e1

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:18 GMT
server
Apache
etag
"28ae-59ec6ecdab65b"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
10414
315194264
player.vimeo.com/video/ Frame 569A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/315194264?autoplay=1&loop=1&title=0&byline=0&portrait=0
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://update4.s9.baernholdt.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://update4.s9.baernholdt.com/

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Mon, 17 Feb 2020 15:21:44 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-3
X-Vimeo-DC
ge
Content-Length
8956
Accept-Ranges
bytes
Date
Mon, 17 Feb 2020 15:11:51 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-hhn4059-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1581952311.255193,VS0,VE96
Vary
Accept-Encoding
librebaskerville-regular-webfont.woff2
update4.s9.baernholdt.com/wp-content/themes/tatarklubben/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/fonts/librebaskerville-regular-webfont.woff2
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi5113.your-server.de
Software
Apache /
Resource Hash
28bd812ed08960f010721323cb11c5810a5c4faaca62e30d9e19ff973e144766

Request headers

Referer
https://update4.s9.baernholdt.com/wp-content/themes/tatarklubben/style.css?v=1.8
Origin
https://update4.s9.baernholdt.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Mon, 17 Feb 2020 15:08:16 GMT
server
Apache
etag
"70b4-59ec6ecca1c67"
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
28852
__utm.gif
ssl.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1520422538&utmhn=update4.s9.baernholdt.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tatarklubben%20-%20Brand%20Leaders%27%20Business%20Club&utmhid=576142950&utmr=-&utmp=%2F&utmht=1581952311178&utmac=UA-19322744-8&utmcc=__utma%3D48141923.1246640331.1581952311.1581952311.1581952311.1%3B%2B__utmz%3D48141923.1581952311.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1035092923&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 15:11:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB486R9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2299
date
Mon, 17 Feb 2020 14:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 17 Feb 2020 16:33:32 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
WEqsd6cfw0KXnCorDxX8kEd7QLOocjVZYeDM6RhnzBvWIkkHCM6c/GObVYM4JgwcxMD903Y7aymW0tY5hgFcdQ==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 15:11:51 GMT, Mon, 17 Feb 2020 15:11:51 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:39c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 15:11:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=35961
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=576142950&t=pageview&_s=1&dl=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&ul=en-us&de=UTF-8&dt=Tatarklubben%20-%20Brand%20Leaders%27%20Business...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_gid=1985053564.1581952311&gjid=199177356&_v=j81&z=195623499
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_v=j81&z=195623499
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_v=j81&z=195623499&slf_rd=1&random=1698356061
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_v=j81&z=195623499&slf_rd=1&random=1698356061
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 15:11:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 15:11:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116967622-1&cid=1246640331.1581952311&jid=920677210&_v=j81&z=195623499&slf_rd=1&random=1698356061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=594556&url=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&time=1581952311231
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D594556%26url%3Dhttps%253A%252F%252Fupdate4.s9.baernholdt.com%252F%26time%3D158195...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=594556&url=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&time=1581952311231&liSync=true
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=594556&url=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&time=1581952311231&liSync=true
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
GHkl6z459BXQuJJgmisAAA==

Redirect headers

date
Mon, 17 Feb 2020 15:11:51 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
status
302
strict-transport-security
max-age=2592000
content-length
0
x-xss-protection
1; mode=block
server
Play
pragma
no-cache
x-li-pop
prod-efr5
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
hyGb5D459BVgHxglNCsAAA==
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=594556&url=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&time=1581952311231&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
x-li-fabric
prod-lva1
expires
Thu, 01 Jan 1970 00:00:00 GMT
2163207067232793
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2163207067232793?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba5c4cb670aa452650da2acfebfd0f98c855f78c95f753b80d372aa1e61ea2c1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
9HCr057gbgTSN2A5NMP0fQ7/Xk4KW68vT0IP/669vxdOffVXXK1yPrvGnI54biWw33Z7NPs6COePHEhYQU+J4Q==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 15:11:51 GMT, Mon, 17 Feb 2020 15:11:51 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
www.gstatic.com/wcm/ 		422 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 14:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Oct 2019 19:45:00 GMT
server
sffe
age
2162
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
286
x-xss-protection
0
expires
Mon, 17 Feb 2020 15:35:49 GMT
impl-1_32.js
www.gstatic.com/wcm/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/impl-1_32.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 10 Feb 2020 17:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Aug 2019 17:45:00 GMT
server
sffe
age
595449
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12298
x-xss-protection
0
expires
Tue, 09 Feb 2021 17:47:42 GMT
/
www.facebook.com/tr/ 		44 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2163207067232793&ev=PageView&dl=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&rl=&if=false&ts=1581952311338&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581952311337.2095501440&it=1581952311241&coo=false&rqm=GET
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT, Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 15:11:51 GMT
wcm
www.googleadservices.com/pagead/conversion/811197184/ 		42 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/811197184/wcm?cl=CA_HCJylhIABEIDG54ID&fb=33117300&callback=corscb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
a6c3244af3201ea8c9aa76f5568f750302ee29b0159316177b93d7975b72fc16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
Origin
https://update4.s9.baernholdt.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://update4.s9.baernholdt.com
cache-control
private
access-control-allow-credentials
true
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
62
x-xss-protection
0
5g3zyfL7m1x2qloWogf0cdsj1gGv4k22
ekr.zdassets.com/compose/zopim_chat/ 		182 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/5g3zyfL7m1x2qloWogf0cdsj1gGv4k22
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f975982f155c5309644446798bd35d3489a0849e8d956c9f446bce3e2fa00e2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://update4.s9.baernholdt.com/
Origin
https://update4.s9.baernholdt.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200, 200 OK
strict-transport-security
max-age=0
x-request-id
fe93cf98-2d97-44df-a0cc-59624fe73927
x-runtime
0.007850
server
cloudflare
etag
W/"0f975982f155c5309644446798bd35d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=600, s-maxage=60
cf-ray
5668b23a4cc369e1-LHR
wcm
www.google.co.uk/pagead/attribution/ 		17 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.co.uk/pagead/attribution/wcm?cl=CA_HCJylhIABEIDG54ID&fb=33117300&use_ssct=1&callback=corscb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://update4.s9.baernholdt.com/
Origin
https://update4.s9.baernholdt.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://update4.s9.baernholdt.com
cache-control
private
access-control-allow-credentials
true
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37
x-xss-protection
0
widget_v2.326.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/w?5g3zyfL7m1x2qloWogf0cdsj1gGv4k22
  • https://v2.zopim.com/bin/v/widget_v2.326.js
1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.326.js
Requested by
Host: update4.s9.baernholdt.com
URL: https://update4.s9.baernholdt.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.83.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42566eb5907811d264147fffc6ff7575eb10f5c63045fef8398286bc1cc11395

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Feb 2020 08:31:02 GMT
server
cloudflare
age
461006
etag
W/"5e426646-103442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=315360000
cf-ray
5668b23bdea8354c-LHR
expires
Thu, 14 Feb 2030 15:11:51 GMT

Redirect headers

date
Mon, 17 Feb 2020 15:11:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
"5e4a01c8-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://v2.zopim.com/bin/v/widget_v2.326.js
content-type
application/octet-stream
status
302
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
5668b23b8e73354c-LHR
content-length
0
expires
Mon, 17 Feb 2020 19:11:51 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2163207067232793&ev=Microdata&dl=https%3A%2F%2Fupdate4.s9.baernholdt.com%2F&rl=&if=false&ts=1581952311840&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tatarklubben%20-%20Brand%20Leaders%27%20Business%20Club%22%2C%22meta%3Adescription%22%3A%22Brand%20Leaders%27%20Business%20Club%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Tatarklubben%20-%20Brand%20Leaders%27%20Business%20Club%22%2C%22og%3Adescription%22%3A%22Brand%20Leaders%27%20Business%20Club%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fupdate4.s9.baernholdt.com%2F%22%2C%22og%3Asite_name%22%3A%22Tatarklubben%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fupdate4.s9.baernholdt.com%2F%22%2C%22name%22%3A%22Tatarklubben%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fupdate4.s9.baernholdt.com%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581952311337.2095501440&it=1581952311241&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://update4.s9.baernholdt.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:11:51 GMT, Mon, 17 Feb 2020 15:11:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 15:11:51 GMT
truncated
/ Frame 669F 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

Origin
https://update4.s9.baernholdt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/font-woff

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| _gaq function| $zopim object| _wpemojiSettings function| $ function| jQuery object| cnArgs function| iFrameResize object| _gat object| gaGlobal object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids object| google_tag_data object| gaplugins object| gaData function| lintrk boolean| _already_called_lintrk object| twemoji object| wp object| Vimeo boolean| VimeoPlayerResizeEmbeds_ function| _googWcmImpl string| _googWcmAk function| _googWcmGet object| zEWebpackACJsonp function| setImmediate function| clearImmediate function| _googWccDebug string| google_wcc_status boolean| zEACLoaded

12 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: player
Value: ""
.update4.s9.baernholdt.com/ Name: __utmz
Value: 48141923.1581952311.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.update4.s9.baernholdt.com/ Name: __utmt
Value: 1
.baernholdt.com/ Name: _fbp
Value: fb.1.1581952311337.2095501440
update4.s9.baernholdt.com/ Name: gwcc
Value: %7B%22fallback%22%3A%2233117300%22%2C%22clabel%22%3A%22CA_HCJylhIABEIDG54ID%22%2C%22backoff%22%3A86400%2C%22backoff_expires%22%3A1582038711%7D
.update4.s9.baernholdt.com/ Name: _gat_UA-116967622-1
Value: 1
.update4.s9.baernholdt.com/ Name: _ga
Value: GA1.4.1246640331.1581952311
.update4.s9.baernholdt.com/ Name: __utmb
Value: 48141923.1.10.1581952311
.vimeo.com/ Name: vuid
Value: pl689638285.1434957086
.update4.s9.baernholdt.com/ Name: __utmc
Value: 48141923
.update4.s9.baernholdt.com/ Name: _gid
Value: GA1.4.1985053564.1581952311
.update4.s9.baernholdt.com/ Name: __utma
Value: 48141923.1246640331.1581952311.1581952311.1581952311.1

1 Console Messages

Source Level URL
Text
console-api log URL: https://update4.s9.baernholdt.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
ekr.zdassets.com
fonts.googleapis.com
player.vimeo.com
px.ads.linkedin.com
snap.licdn.com
ssl.google-analytics.com
static.zdassets.com
stats.g.doubleclick.net
update4.s9.baernholdt.com
v2.zopim.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.update4.s9.baernholdt.com
104.16.83.55
104.18.73.113
151.101.112.217
172.217.21.194
2a00:1450:4001:808::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
2a00:1450:4001:81c::2008
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9d
2a02:26f0:eb:39c::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
78.46.12.208
05a76e3af8704137537b22ffa6eb30f2b710d9052c3831da3a388af721dd7132
0a7e5c652b4eb7acff2d26e1168a4d279f019307c903df24f8e8f47c795c9753
0da29417832c99400a36aa9a599de9e63adfb9427994938d38a116232fdb64eb
0f975982f155c5309644446798bd35d3489a0849e8d956c9f446bce3e2fa00e2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b8aee65b2a632e65a2164514b58dab86a8513928b6510408390df767b21805
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14f017baccd074b8a7e08b03ab1c58986d5895b5716ecddd8b228a63e5bdb9b3
25917d86afcc9bb6629fe1b4bd0502642bf725895df56e1949c469987666ab2f
28bd812ed08960f010721323cb11c5810a5c4faaca62e30d9e19ff973e144766
29499e2b5d5cbd39647f55746440396d62f8c10c610e6e8bb4a2587030d986e1
298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159
2c9a091912e1429ac42793ae50ba42bf025d4d2a6cd4261fbd0fe546e7fdc04d
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
42566eb5907811d264147fffc6ff7575eb10f5c63045fef8398286bc1cc11395
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
500fcaba89847438d309c7a2380f3b879c38e41ff74881d2d64910056dd305bd
51824c4435b81912b4498254076dff7dc3c4d3075594e6aa22dfcbdf124e3574
5a82081f95861e2860aceda7e3bd5edad68a5d80bf387b1e6b579e099a99d5d1
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6032822d046d80c22e95297341947d8c696f512922bb0ea3ceddfa9927204945
6072346067391650cc9f1c7648c4b1db11072aa9972ad5b34c1e5911d33a0412
607646543294c47e9a075786f12e4e8e0768014fcc0d8492c6b10f60c9910e66
66ec2c2139c31c4b7f71e43a6069d860a12c6b7015f90e17b2755f7ea5178016
67d1b06fdeaf674411b567dded8bb52d98ce3fd0aed9181d6f7295359573712e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ae00fbdd8ed6280905ee3302c40106a6663684d45efa7524d2567e24c0c604
899bbe31b482c95a7c2e41207a1aa70a1f73ee821c1d09e5508ab6a279f51b33
9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7
a6c3244af3201ea8c9aa76f5568f750302ee29b0159316177b93d7975b72fc16
b0fd2c3318f89db804d550bcb181638c13b5f21cf17961eef4539b8568471837
b8f16b96bd1af8c9575921009711a7eaa6e1e2fbb14da40a631be143c3b4518a
ba5c4cb670aa452650da2acfebfd0f98c855f78c95f753b80d372aa1e61ea2c1
bac27517992f234085808a524c744317e75ca1ea003d03ab0cfb8bad2b6abd14
bd18bf9d0080e98d32c0b7154517e6da7fefa8bb128081ff69317f3660cead51
be03c720add62150077960e86becb6c02d11ce7b0797a1ecc9585ecd63f9b67c
bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c889f8be02dd3f558aa62eecb48553fb5a306c9fff0951bd97ff3b40a46875e0
cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
dbb122e8d64002179151d4b885c054ab4673cafa5ae4ec2e46118c36c33a1efe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8e5351fc39356f8f94d7f334b11f9a0f44a67a9461bbd3e8be10cf44acdf780