23iwqow0wsf.ipsl-k.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com
Effective URL:
https://23iwqow0wsf.ipsl-k.com/
Submission: On November 04 via api (November 4th 2024, 3:14:35 pm UTC) from RU — Scanned from DE

Summary HTTP 67 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 13 domains to perform 67 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 23iwqow0wsf.ipsl-k.com.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time 23iwqow0wsf.ipsl-k.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700:20:... 2606:4700:20::681a:fdc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1901:0:5... 2600:1901:0:5987::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
4	2a02:26f0:350... 2a02:26f0:3500:8::c16c:9908	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	35.190.14.188 35.190.14.188	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:272... 2600:9000:2724:4600:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:c... 2600:1901:0:c07c::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.157.122.248 18.157.122.248	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
4	35.241.3.184 35.241.3.184	15169 (GOOGLE) (GOOGLE)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	63.33.121.64 63.33.121.64	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	2600:1901:0:1... 2600:1901:0:1e38::	15169 (GOOGLE) (GOOGLE)
1	34.95.108.180 34.95.108.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:7903::	15169 (GOOGLE) (GOOGLE)
1	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	23

16 2606:4700:20::681a:fdc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ushbc.blueberry.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:5987:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:8::c16c:9908 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:4600:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:c07c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.122.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

blueberry.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.241.3.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.3.241.35.bc.googleusercontent.com

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.121.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-121-64.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com

uct.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

23iwqow0wsf.ipsl-k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7903:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

graphql.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 9082 api.usercentrics.eu — Cisco Umbrella Rank: 6675 consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 15140 uct.service.usercentrics.eu — Cisco Umbrella Rank: 17632 graphql.usercentrics.eu — Cisco Umbrella Rank: 14686	198 KB
16	blueberry.org 1 redirects ushbc.blueberry.org	777 KB
5	ipsl-k.com 23iwqow0wsf.ipsl-k.com	69 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 561	95 KB
4	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 6169	525 KB
2	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3443	16 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 16929 blueberry.matomo.cloud	56 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	634 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 592	16 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6755	171 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	87 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	31 KB
67	13

	Domain	Requested by
16	app.usercentrics.eu	ushbc.blueberry.org app.usercentrics.eu
16	ushbc.blueberry.org	1 redirects ushbc.blueberry.org
6	api.usercentrics.eu	app.usercentrics.eu
5	23iwqow0wsf.ipsl-k.com	ushbc.blueberry.org 23iwqow0wsf.ipsl-k.com
4	pro.fontawesome.com	ushbc.blueberry.org pro.fontawesome.com
3	use.typekit.net	ushbc.blueberry.org use.typekit.net
2	challenges.cloudflare.com	23iwqow0wsf.ipsl-k.com challenges.cloudflare.com
2	consent-api.service.consent.usercentrics.eu	app.usercentrics.eu
1	graphql.usercentrics.eu
1	uct.service.usercentrics.eu
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	ushbc.blueberry.org
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	blueberry.matomo.cloud	cdn.matomo.cloud
1	cdn.matomo.cloud	ushbc.blueberry.org
1	www.googletagmanager.com	ushbc.blueberry.org
1	p.typekit.net	use.typekit.net
1	code.jquery.com	ushbc.blueberry.org
67	20

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
blueberry.org WE1	`2024-10-25` - `2025-01-23`	3 months	crt.sh
app.usercentrics.eu WR3	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M02	`2024-09-25` - `2025-10-23`	a year	crt.sh
api.usercentrics.eu WR3	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2024-05-21` - `2025-06-19`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh
consent-api.service.consent.usercentrics.eu WR3	`2024-09-27` - `2024-12-27`	3 months	crt.sh
uct.service.usercentrics.eu WR3	`2024-09-17` - `2024-12-16`	3 months	crt.sh
ipsl-k.com WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
graphql.usercentrics.eu WR3	`2024-09-12` - `2024-12-11`	3 months	crt.sh
challenges.cloudflare.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://23iwqow0wsf.ipsl-k.com/
Frame ID: C0E3A42F468B7529D785A20D5A532388
Requests: 57 HTTP requests in this frame

Frame: https://ushbc.blueberry.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: D9B4212DF42ACE7CC1113CB080B60BC2
Requests: 2 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.38.5/cross-domain-bridge.html
Frame ID: 7FFC2A5BC0BB012E6F7B2F49F5184617
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iywg3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: F4FD5E4C7204137378F7D6EC3D3B0130
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com Page URL
https://23iwqow0wsf.ipsl-k.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

96 %
HTTPS

50 %
IPv6

13
Domains

20
Subdomains

23
IPs

5
Countries

1931 kB
Transfer

4792 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com Page URL
https://23iwqow0wsf.ipsl-k.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://ushbc.blueberry.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ushbc.blueberry.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
ushbc.blueberry.org/you-are-leaving/ 90 KB
25 KB 3719ms
186ms Document
text/html 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f678e21b10ef44ae1f6b3d66f9ccedbeff32876662c1a41440ccd3b3bc09899

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 68
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8dd58db98c079746-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Nov 2024 15:14:25 GMT
link: <https://ushbc.blueberry.org/?p=1289>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3gXLk6pP8Tl0whxNEhuSN9uJelEGzmCFKnWY4c5kS8K37sdPjEB0qW8KghruQvEE71Ma880N3fathWHBT5s96slvOg9EO6U4bzf3%2BKLmzt2IGsUDvGUuZbpYKKH3E64cA4rinpF52YDylJ1COdJPFo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=41308&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4410&recv_bytes=2439&delivery_rate=93215&cwnd=254&unsent_bytes=0&cid=ce19fde9218c6394&ts=194&x=0"
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe2-a-5466c7c5b8-qdkph
x-served-by: cache-chi-kigq8000127-CHI, cache-fra-eddf8230038-FRA
x-styx-req-id: 5191d034-9abf-11ef-9a34-5a8882821802
x-timer: S1730733265.911838,VS0,VE112
x-xss-protection: 1; mode=block

GET
H2 200 NeulisAlt-ExtraBold.woff2
ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/fonts/ 41 KB
42 KB 99ms
97ms Font
font/woff2 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/fonts/NeulisAlt-ExtraBold.woff2

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d8172c10c1f0c362b6549e5dd18e47d563986fca39fbcf7b536924b71449221

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-a-85cb54d4c7-nkbrw
cf-cache-status: HIT
etag: "66e89d76-a3dc"
age: 1797820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Cn0b5uLIE5EpBvQb7x7VjI70Bovg%2Bxlv8fIK02J2nUoo%2BcGhEtyz4I6sjVMB%2BUVCyzHnCQ15IE%2B6VoJxEi%2BQE0bmsTq6x8EdIz2S13H%2FEgQwlNF76fw7mtFZ7b1UxlvJkZ3UxD3KMZLD90kfJ2wOTc%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 17 Sep 2025 22:44:41 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=96&recv=35&lost=0&retrans=0&sent_bytes=94422&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=18671&cid=ce19fde9218c6394&ts=266&x=0"
x-cache: MISS, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: font/woff2
last-modified: Mon, 16 Sep 2024 21:04:54 GMT
x-served-by: cache-chi-kigq8000158-CHI, cache-fra-eddf8230073-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728935445.348054,VS0,VE6
x-styx-req-id: 432d57a7-747d-11ef-8ede-620bf12b0cea
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd6e9746-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41948
server: cloudflare

GET
H2 200 NeulisAlt-Bold.woff2
ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/fonts/ 41 KB
41 KB 63ms
61ms Font
font/woff2 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/fonts/NeulisAlt-Bold.woff2

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913d1e01fa048e7f7b3c7e08822f83c21f2567f3904eecd9588574a48057db03

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-a-786bb4777d-xxwrw
cf-cache-status: HIT
etag: "66fd047b-a288"
age: 1709134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSLrDXGcRkcnkM9QP%2BOlbBiPViSkE6cI5siwbnYX9d2jWgsCNzsHOGXzLy%2FjQVGs5rsrILcBM%2F8iDIvZiDEX4OYz6Nktq70XcKcMPtxyL5nav1z%2FhVdLm1oBYeZzf8xLLKp41DmNTpMxm9ARStdIwwc%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Oct 2025 20:08:06 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=80&recv=35&lost=0&retrans=0&sent_bytes=75719&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=0&cid=ce19fde9218c6394&ts=261&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: font/woff2
last-modified: Wed, 02 Oct 2024 08:29:47 GMT
x-served-by: cache-chi-kigq8000066-CHI, cache-lin1730021-LIN
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729024132.838721,VS0,VE9
x-styx-req-id: 09f95910-80fa-11ef-a753-ba172eab071d
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd709746-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41608
server: cloudflare

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ 33 KB
9 KB 130ms
41ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0405d39301cc6b0dc7a7e672665971ec14e22b722cbdd3bd9f07b1975035617c

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
content-encoding: gzip
x-goog-hash: crc32c=MrqANQ==, md5=cH9YE24IwbqcHG8aS41/8Q==
etag: "707f58136e08c1ba9c1c6f1a4b8d7ff1"
age: 1920
x-goog-stored-content-encoding: gzip
expires: Mon, 04 Nov 2024 15:42:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8553
date: Mon, 04 Nov 2024 14:42:25 GMT
last-modified: Mon, 28 Oct 2024 13:37:56 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY3JALXda3a8Y-D3RdHfS_dk7gKg_9sTfVPZRFWKh_I3xZi_m7gpYBSw8PjtyJBue_GzyvKxvXBbRA
strict-transport-security: max-age=7776000
cache-control: public, max-age=3600, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122676532971
content-length: 8553
server: UploadServer

GET
H2 200 style.min.css
ushbc.blueberry.org/wp-includes/css/dist/block-library/ 93 KB
16 KB 54ms
53ms Stylesheet
text/css 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-a-5cc68c7f44-5n9kt
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66fa17a7-172a9"
age: 1797820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfZYcOK%2FvjA6lv5%2Fs5HpKPYeKwDD9ZqhhpqbeBB%2BPAyPr3UwFREsW90UzBvvG179xIHhDzdMmf8rL0RGjlP%2FRIRz7jXIHlTNDiw6VjwWtXAeAnKpA74ZzzFhGC5SA8DAId32K2gcNrsaz79Egbj8B7w%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 02 Oct 2025 00:54:55 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=40&recv=35&lost=0&retrans=0&sent_bytes=30294&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=0&cid=ce19fde9218c6394&ts=256&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/css
last-modified: Mon, 30 Sep 2024 03:14:47 GMT
x-served-by: cache-chi-kigq8000103-CHI, cache-fra-eddf8230070-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728935445.356694,VS0,VE8
x-styx-req-id: c622b8a4-7f8f-11ef-9d7a-0ae802050b13
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd699746-FRA
accept-ranges: bytes
content-length: 16113
server: cloudflare

GET
H2 200 classic-themes.min.css
ushbc.blueberry.org/wp-includes/css/ 217 B
801 B 57ms
55ms Stylesheet
text/css 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-b-547989f88d-q7djl
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e87a4a-d9"
age: 1818182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=05Ix2qmb90xEr0ghnCzNGwX0NgLRriMW3x5VW6Dua%2FI5yi2a7vHHvpRxwwz53aqclxql%2B5N2aNGF2NVmWBXgckMUPKnyDCVtzjtcyOFKURix5C%2Bf2YA51WdIlcioDf%2BvDuEg4fhieFXB0VDK9VhnHzQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 17 Sep 2025 19:03:09 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=55&recv=35&lost=0&retrans=0&sent_bytes=47402&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=0&cid=ce19fde9218c6394&ts=258&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 18:34:50 GMT
x-served-by: cache-chi-kigq8000115-CHI, cache-fra-eddf8230060-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728915083.106503,VS0,VE4
x-styx-req-id: 5004b394-745e-11ef-a5df-4254065867ae
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd6b9746-FRA
accept-ranges: bytes
content-length: 189
server: cloudflare

GET
H2 200 style.css
ushbc.blueberry.org/wp-content/mu-plugins/padilla-supplier-vcard-generator/src/css/ 373 B
827 B 98ms
97ms Stylesheet
text/css 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/mu-plugins/padilla-supplier-vcard-generator/src/css/style.css?ver=1.0.0

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e08eba9a503b82cab447dfefd6fa4e60768e6f6674af7cf6cbf6d56e64b013d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-a-85cb54d4c7-lmqzj
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e89d76-175"
age: 1705603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNCFh%2FpC9OH8S2wlzyb%2FjGnDSETi%2Fv55XkH%2BSbnJWStRL0npDTQA2aSBn7FXOl%2BXBrgDwYHkioTPdXuzYWEfMyF0CSlWikaRz6JuYYoNEbXx1HJVPyv6sQc84X8jtuEpuNWSfq4PKQitgHysmwEIE48%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 18 Sep 2025 14:18:19 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=96&recv=35&lost=0&retrans=0&sent_bytes=94422&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=18671&cid=ce19fde9218c6394&ts=262&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 21:04:54 GMT
x-served-by: cache-chi-klot8100082-CHI, cache-lin1730083-LIN
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729027663.918825,VS0,VE5
x-styx-req-id: b0871efe-74ff-11ef-939d-ca7755f608a7
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd6c9746-FRA
accept-ranges: bytes
content-length: 227
server: cloudflare

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.14.0/css/ 170 KB
32 KB 158ms
65ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.14.0/css/all.css
Requested by: Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7de3b4b49089f8cdd8267eda652f35806cb2b70f7c5cec0351f6d129263e52b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1dfe138ae594553bc5ddec1f1f1ef389"
age: 5340268
access-control-allow-methods: GET
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/css
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:12:47 GMT
x-amz-id-2: PFPeNnNml3pFITAmrJWR1Tj1A0VRsa4COWL/F9PFhVpisUyqiruVwGbwMHCtkKo8qAVCvBp9fjo=
cache-control: max-age=31556926
x-amz-request-id: B41KNWFS0YR4J6KF
cf-ray: 8dd58dbb5a4f198f-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 blueberry-ushbc.css
ushbc.blueberry.org/wp-content/themes/ushbc/public/css/ 121 KB
27 KB 57ms
56ms Stylesheet
text/css 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/themes/ushbc/public/css/blueberry-ushbc.css?ver=1730606850

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8942b15475d8e824e5d2457787d0e1f9862fd87cef806b4c86caa005dc62ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-a-85cb54d4c7-w9wjs
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e87a4a-1e3ab"
age: 1705603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTRKxAgVYTBoft%2FlCXVIrJXSwGkmByaYKlu4EioasU6SvY033std91c0x5Zqb3BX2HBlQpS9ZGiCaG5SJ%2BAkKSeNs2wYpidvuWN%2FF%2FxMNBkURxkNyooHxEGthHNDg1w4qrlHgBJYQAf7Q%2B4%2BRVoyXFo%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 17 Sep 2025 19:03:09 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=57&recv=35&lost=0&retrans=0&sent_bytes=48269&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=0&cid=ce19fde9218c6394&ts=260&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 18:34:50 GMT
x-served-by: cache-chi-klot8100082-CHI, cache-lin1730057-LIN
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729027663.918132,VS0,VE7
x-styx-req-id: 5006fb99-745e-11ef-9d02-b258e934342c
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd729746-FRA
accept-ranges: bytes
content-length: 26544
server: cloudflare

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
31 KB 161ms
48ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js?ver=3.6.1
Requested by: Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d84"
age: 5889996
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 388150, 36426
x-served-by: cache-lga21981-LGA, cache-mxp6927-MXP
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730733265.195389,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30879
server: nginx

GET
H2 200 index.js Show response
ushbc.blueberry.org/wp-content/mu-plugins/padilla-supplier-vcard-generator/src/js/ 2 KB
1 KB 97ms
96ms Script
application/x-javascript 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/mu-plugins/padilla-supplier-vcard-generator/src/js/index.js?ver=1.0.0

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466e8ade141a717b55121276af19697a7c88093584828ad280c5fa1687aadaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-b-547989f88d-fmcdm
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f185d9-720"
age: 937356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQxIdHsIHh07gjs7rzA4069N%2BxxkFmWSdk6FqDVgkR%2FinbRGy5TTi5S3HSmzYJCeAwLZ4GkOcrBc%2FbrkVkcdnJNGEgd0Pv8yvoO91IY%2FhlN9M0dvcsyEXemmuV12qrowVhS9HF7mDXyv4DgZvfPXuY8%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 24 Sep 2025 21:43:10 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=96&recv=35&lost=0&retrans=0&sent_bytes=94422&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=18671&cid=ce19fde9218c6394&ts=262&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/x-javascript
last-modified: Mon, 23 Sep 2024 15:14:33 GMT
x-served-by: cache-chi-kigq8000021-CHI, cache-fra-eddf8230102-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729795909.143153,VS0,VE7
x-styx-req-id: d3eab40f-79f4-11ef-813d-f65a750f5e47
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd789746-FRA
accept-ranges: bytes
content-length: 760
server: cloudflare

GET
H2 200 ushbc.svg
ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/images/logos/ 18 KB
7 KB 99ms
98ms Image
image/svg+xml 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/images/logos/ushbc.svg

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32c5e3c815638ccc635e167e0267d94f33420eae6e450b3f403d40ac76aea6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-b-866c5fb7b9-6fwm9
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f7ccc1-4904"
age: 1760516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iI02CKtCECuaD52dQHBD2P1lKzLYAHnfWoh9AlSLjnQwOlmiZQ5ehZlGVQsHGesCzUcGj%2FUmLZ7uhHaqYH7Bwn2H5P1q0bAZpNRKlgGKKuctjqiik7oOcs8j%2FqZoEQyrp1Z33skzt4ta%2FU1zTw643A%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 30 Sep 2025 03:11:42 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=96&recv=35&lost=0&retrans=0&sent_bytes=94422&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=18671&cid=ce19fde9218c6394&ts=268&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: image/svg+xml
last-modified: Sat, 28 Sep 2024 09:30:41 GMT
x-served-by: cache-chi-klot8100159-CHI, cache-fra-eddf8230077-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728972750.631348,VS0,VE5
x-styx-req-id: 8d33e924-7e10-11ef-9cbd-b63d1030e720
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd799746-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6406
server: cloudflare

GET
H2 200 blueberry-ushbc.js Show response
ushbc.blueberry.org/wp-content/themes/ushbc/public/js/ 2 MB
591 KB 97ms
97ms Script
application/x-javascript 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/themes/ushbc/public/js/blueberry-ushbc.js?ver=1730606850

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65701b5a5dfab60fce085684eb153a51bee4bfe99f5030bef1343ad5d9a04de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-a-85cb54d4c7-m9m8h
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66ea0da0-1c5cfc"
age: 1797820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69%2FL2v1v3u6XoMpWKhPBOf61e9rhxa2ZhzsboDgd5bUHYf8njNwXGVc9aNhpbIwe%2FtJtmfLS7vqV2wWJpqYFxfjMqJJveggjUrWusOR8%2FKviyis76aWthxtaDwDgZacQ7SeXzK0voCu%2FKH%2FtdqDJvlk%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 19 Sep 2025 18:00:19 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39278&sent=96&recv=35&lost=0&retrans=0&sent_bytes=94422&recv_bytes=3554&delivery_rate=725852&cwnd=257&unsent_bytes=18671&cid=ce19fde9218c6394&ts=264&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/x-javascript
last-modified: Tue, 17 Sep 2024 23:15:44 GMT
x-served-by: cache-chi-klot8100157-CHI, cache-fra-eddf8230028-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728935445.346164,VS0,VE5
x-styx-req-id: de0072f8-75e7-11ef-8caa-0232b733d708
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbacd7a9746-FRA
accept-ranges: bytes
content-length: 603697
server: cloudflare

GET
H2 200 wp-emoji-release.min.js Show response
ushbc.blueberry.org/wp-includes/js/ 18 KB
6 KB 57ms
57ms Script
application/x-javascript 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-b-547989f88d-q7djl
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e87a4a-48b9"
age: 1797820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jatoPRVk2kPg5MaSu33LN1LgwVWf%2FtLGfhrjSe7PnnUsUSbO2C5WxoSMbuureQRVpJR%2BRZmAxKQm%2BWTWp6GV6uKXOdJ5Yi%2F4gE%2BePTmWPUaMHvFxIwt7QuWIPnPEYJmZZpLTQybZg9tUvhygRfVm9Fg%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 17 Sep 2025 19:03:13 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=39125&sent=625&recv=314&lost=0&retrans=0&sent_bytes=776965&recv_bytes=3631&delivery_rate=9705503&cwnd=709&unsent_bytes=0&cid=ce19fde9218c6394&ts=608&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/x-javascript
last-modified: Mon, 16 Sep 2024 18:34:50 GMT
x-served-by: cache-chi-kigq8000094-CHI, cache-fra-eddf8230153-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728935445.454858,VS0,VE10
x-styx-req-id: 5294776d-745e-11ef-a5df-4254065867ae
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dbcffe29746-FRA
accept-ranges: bytes
content-length: 5806
server: cloudflare

GET
H2 200 jat6tjw.css
use.typekit.net/ 9 KB
1 KB 330ms
180ms Stylesheet
text/css 2a02:26f0:3500:8::c16c:9908
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jat6tjw.css

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/wp-content/themes/ushbc/public/css/blueberry-ushbc.css?ver=1730606850

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:8::c16c:9908 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6e86acb86b70281e7ce92305e52eac23e65f0993ad0e898a4d497952c5495e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/wp-content/themes/ushbc/public/css/blueberry-ushbc.css?ver=1730606850

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1062
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H3 200 index.module.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 440 KB
118 KB 83ms
40ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

0bec4f5deafe105f91bd435fd9cb91a0e245618930ed100e0cf778485209dc98

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=Mmy7bw==, md5=u9tmgDDO27OQRq9/jJjb5g==
etag: "bbdb668030cedbb39046af7f8c98dbe6"
age: 610589
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 120984
date: Mon, 28 Oct 2024 13:37:56 GMT
last-modified: Mon, 28 Oct 2024 13:37:33 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY22aHsKHNb_KfF071GYnrYQvMCcQMrRDbqdEretO6cMafkpDTlC1i_miHp369dVfKxtwXQ
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122653023058
content-length: 120984
server: UploadServer

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 53ms
40ms Stylesheet
text/css 2a02:26f0:3500:8::c16c:9908
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jat6tjw&ht=tk&f=24553.24554.24558.24559.24539.24540.24547.24548.24580.24581.24588.24589&a=82007369&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jat6tjw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:8::c16c:9908 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://use.typekit.net/jat6tjw.css

Response headers

cache-control: public, max-age=604800
etag: "66cb291a-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/css
last-modified: Sun, 25 Aug 2024 12:52:42 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 255 KB
87 KB 150ms
62ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKQM6XB

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2aad820a3b1b20aa838aacd7b9e12ca91e8baf55955917fe6a7cc52a966e858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 04 Nov 2024 15:14:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88276
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 container_wJ5xRrU2.js Show response
cdn.matomo.cloud/blueberry.matomo.cloud/ 227 KB
56 KB 140ms
46ms Script
application/javascript 2600:9000:2724:4600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/blueberry.matomo.cloud/container_wJ5xRrU2.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:4600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b016764328c879a54b91d1ade982306d6d8996ec6406a433549cd104bac40138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

content-encoding: gzip
x-amz-version-id: VHlk5Vw8TKLtvMdkp5nIXdW9vq3sN2FV
etag: W/"deae0d24a705e7428598c2ccb81471bd"
age: 1364
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Zsqvmq0JEoLIvgkhi4Sdkg70kM7xYEWQnbX7gN9UjHvIDSx62vOlig==
date: Mon, 04 Nov 2024 14:51:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 25 Oct 2024 17:30:08 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000
cache-control: max-age=691200
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
server: CloudFront

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H2 200 fa-light-300.woff2
pro.fontawesome.com/releases/v5.14.0/webfonts/ 185 KB
185 KB 56ms
55ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.14.0/webfonts/fa-light-300.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.14.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbbe0d8ca25eef4edbbd3248feb22f8f9cc20ded608cd3e5c410f27bf7e97f92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://pro.fontawesome.com/releases/v5.14.0/css/all.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "3d8af27a47bbfab857f96dbcf710b087"
age: 20378615
access-control-allow-methods: GET
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: font/woff2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:14:37 GMT
x-amz-id-2: xwut/EciKsfVVHHhrV78PT1+/1pNPOjGHebs5IsgA57YvAHsj2c9jm0peWtYonqtAWpNZeSt4tm7QO1CZVs5H2ODS4ZIjHf+
cache-control: max-age=31556926
x-amz-request-id: Z9WYWNWVANAX1ARQ
cf-ray: 8dd58dbe0d79198f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 189452
server: cloudflare

GET
H2 200 l
use.typekit.net/af/b718ff/00000000000000007735f98d/30/ 46 KB
46 KB 406ms
40ms Font
application/font-woff2 2a02:26f0:3500:8::c16c:9908
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b718ff/00000000000000007735f98d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jat6tjw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:8::c16c:9908 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://use.typekit.net/jat6tjw.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "8eb51f23928374af36bf65f02757cd5be6775093"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 47332
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.14.0/webfonts/ 137 KB
138 KB 96ms
96ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.14.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://pro.fontawesome.com/releases/v5.14.0/css/all.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "150120b3d9b448dd116680b66eba9bbe"
age: 5362942
access-control-allow-methods: GET
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: font/woff2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:14:37 GMT
x-amz-id-2: rOK5KO+ufDvQQ8UbHInIqIR6Eurc4JhmmKDa9QMxh6xsQNV9Dk1aGE2LfExLshCO6Rs+MvwXm1Y=
cache-control: max-age=31556926
x-amz-request-id: 6CA5KG896Y0Z4F8H
cf-ray: 8dd58dbe0d7c198f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 140704
server: cloudflare

GET
H2 200 l
use.typekit.net/af/5d97ff/00000000000000007735f999/30/ 47 KB
47 KB 415ms
49ms Font
application/font-woff2 2a02:26f0:3500:8::c16c:9908
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d97ff/00000000000000007735f999/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jat6tjw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:8::c16c:9908 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://use.typekit.net/jat6tjw.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "b4c0d041408776d043674f518c911c68d4f73f57"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 48312
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.14.0/webfonts/ 169 KB
170 KB 97ms
96ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.14.0/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.14.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://pro.fontawesome.com/releases/v5.14.0/css/all.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "3e332211899360ab9380df4d50e1c33a"
age: 233052
access-control-allow-methods: GET
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: font/woff2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:14:37 GMT
x-amz-id-2: 3nVI3CUq1EiaIYsNDNlCf44AIo/6PQbPOYAwYuo9QB96bECONADaDEd1VDN2h2lGZbZHNdFwHhw=
cache-control: max-age=31556926
x-amz-request-id: FQ5WXQHMKZNG4S9Z
cf-ray: 8dd58dbe0d7e198f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 173220
server: cloudflare

GET
H2

200

main.js Show response
ushbc.blueberry.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame D9B4
Redirect Chain

https://ushbc.blueberry.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ushbc.blueberry.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

72ms
72ms

Script
application/javascript

2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bf9a28b238c01cd8c92f2582fdd29b3b9460bddb22a462402c7b14e5c3155ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sURIcEY0qnuUq7%2FtWU1s6i31jVS08XhSFP16YuYjHPs3R%2FRs6aYUJZNJc%2FXm0BOMeiMJ47%2FAhqDSLAHtFpFZVGL6TpyVpPo1axymVtduoOveyiRIsUKFMU5vEzLiuJYIA9hGXz9OdakBPzzpa8DFOjA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8dd58dbe89919746-FRA
server-timing: cfL4;desc="?proto=TCP&rtt=44358&sent=633&recv=321&lost=0&retrans=0&sent_bytes=784072&recv_bytes=3808&delivery_rate=9705503&cwnd=717&unsent_bytes=0&cid=ce19fde9218c6394&ts=879&x=0"
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfJlUhjQVLHi3egkNwr64qimYBytuVuXnt0OYeKOxzlH4AW8FWXEnWQ6xceBOPFyFoDSZVJV2vbesx4ibO5cPVslmzi0skUJlV%2FjcKUgfwwnqVDT9Yev0LpMAEX3ccR1phEP2wPa6HVz1w6rStyKjSA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd58dbe39369746-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=44967&sent=632&recv=319&lost=0&retrans=0&sent_bytes=783533&recv_bytes=3713&delivery_rate=9705503&cwnd=716&unsent_bytes=0&cid=ce19fde9218c6394&ts=806&x=0"
content-length: 0
date: Mon, 04 Nov 2024 15:14:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/HnSO-4Rt-/latest/ 56 B
585 B 108ms
107ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/HnSO-4Rt-/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a75d094caba33ac05120819a5fd16b225bcd6ceda6d4b507d6dac56d3bbd4320

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=SJK0Nw==, md5=e0zj72WAe2KwYdcMiqWgnw==
etag: "7b4ce3ef65807b62b061d70c8aa5a09f"
x-goog-stored-content-encoding: gzip
expires: Mon, 04 Nov 2024 15:15:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 61
x-client-geo-location: DE,DEBY
date: Mon, 04 Nov 2024 15:14:25 GMT
last-modified: Mon, 01 Jul 2024 17:28:35 GMT
vary: Accept-Encoding
content-type: application/json
x-guploader-uploadid: AHmUCY0fOV9Nd9c5bAgG-uirDWtB7GwHH8lBnq9UE8_FvyoOVtL0BMB1ALd5qEjQQZf8iJYDfOO6Bdbf2g
strict-transport-security: max-age=7776000
cache-control: public, max-age=1800, s-maxage=60
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1719854915296673
content-length: 61
server: UploadServer

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/HnSO-4Rt-/latest/ Frame 0
0 146ms
55ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/HnSO-4Rt-/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ushbc.blueberry.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Nov 2024 15:14:25 GMT
expires: Mon, 04 Nov 2024 15:14:25 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEBY
x-guploader-uploadid: AHmUCY2phzFk0JprE-vL-xdpve6kLq6ubO2_Txxn6PegBiu5DVXjruFlFG_5pVpkTnE5L04-xvgtffTtNw

POST
H2 204 matomo.php
blueberry.matomo.cloud/ 0
178 B 214ms
119ms Ping
text/plain 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blueberry.matomo.cloud/matomo.php?action_name=You%20are%20now%20leaving%20the%20USHBC%20site%20-%20USHBC&idsite=2&rec=1&r=171976&h=16&m=14&s=25&url=https%3A%2F%2Fushbc.blueberry.org%2Fyou-are-leaving%2F%3Fredirect%3Dhttps%3A%2F%2F23iwqow0wsf.ipsl-k.com&_id=8ebaf1a388df7a1e&_idn=1&send_image=0&_refts=0&dimension1=Guest&pv_id=XZOfet&fa_pv=1&fa_fp[0][fa_vid]=pWIxBI&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=aGOXlh&fa_fp[1][fa_fv]=1&pf_net=3533&pf_srv=186&pf_tfr=5&pf_dm1=546&uadata=%7B%22formFactors%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/blueberry.matomo.cloud/container_wJ5xRrU2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://ushbc.blueberry.org
date: Mon, 04 Nov 2024 15:14:25 GMT
vary: X-Forwarded-Proto,User-Agent
server: Apache
access-control-allow-credentials: true

POST
H2 200 8dd58db98c079746 Show response
ushbc.blueberry.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D9B4 0
1 KB 92ms
87ms XHR
text/plain 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ushbc.blueberry.org/cdn-cgi/challenge-platform/h/b/jsd/r/8dd58db98c079746
Requested by: Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7rkoUJ4Z1kCB%2BpRe8q9oIeX9vC641uA56%2BbOIrI%2Fw7zRwAnnz6sUT0M9IXqZbUZLumlWM8vxyNIZ3sYPqFLHGouAnzwQf4MmQEPekpKoKcXUVVSg6NPjcxqd7y%2Bd98%2FhPTKmuEPKuZxT1mZ79sRvVY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd58dbf7a999746-FRA
server-timing: cfL4;desc="?proto=TCP&rtt=41621&sent=643&recv=340&lost=0&retrans=0&sent_bytes=788420&recv_bytes=20285&delivery_rate=9705503&cwnd=722&unsent_bytes=0&cid=ce19fde9218c6394&ts=1047&x=0"
content-length: 0
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 hotjar-2465582.js Show response
static.hotjar.com/c/ 13 KB
5 KB 176ms
74ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2465582.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKQM6XB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

ac4d274f3d6655d3d88831c7aec521183d3f6431c4cd964be15273ca49bc2ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/b13bb5d93b2e84a52b8554336db116d6
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: jDnbvF8WjEBVCxrJywPCCIO4a3F_G6Bl2EE66Thv_xgadaO97VQP2w==
date: Mon, 04 Nov 2024 15:14:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H3 200 en.json Show response
api.usercentrics.eu/settings/HnSO-4Rt-/latest/ 30 KB
8 KB 65ms
65ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/HnSO-4Rt-/latest/en.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

5fcfc476846935a31d50f6e4acbf31f250db09e64d7fc8cb8e2bd053ac069ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=M8rQ9g==, md5=vLDPsZcIZkyij2/jvk/eAw==
etag: "bcb0cfb19708664ca28f6fe3be4fde03"
age: 1
x-goog-stored-content-encoding: gzip
expires: Mon, 04 Nov 2024 15:15:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7747
x-client-geo-location: DE,DEHH
date: Mon, 04 Nov 2024 15:14:25 GMT
last-modified: Mon, 01 Jul 2024 17:28:35 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2Goo9ueFo5xF9NPSGr8nBLMcyYyasAfCdQuohfngzvfHOyNvI9LTX-kwnJyvJ9K_xisM63xPT0
strict-transport-security: max-age=7776000
cache-control: public, max-age=1800, s-maxage=60
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1719854915297390
content-length: 7747
server: UploadServer

OPTIONS
H3 200 en.json
api.usercentrics.eu/settings/HnSO-4Rt-/latest/ Frame 0
0 56ms
56ms Preflight
text/html 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/HnSO-4Rt-/latest/en.json

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ushbc.blueberry.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Nov 2024 15:14:25 GMT
expires: Mon, 04 Nov 2024 15:14:25 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEHH
x-guploader-uploadid: AHmUCY2oKH-Ycb0EU7dg1e-gFnVOnHag8qNs1L6uRvZoYLLPh3ZwHYSxpxQeOon7pKxmXQOMTfL7_Gxw

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 186ms
85ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2465582.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 3268
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: sW35guyfbiXgzZhly1sy4GUbK3v8eqD4sirCxsKnaQ1mRYXwig2TAg==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: FRA60-P9

GET
H2 200 cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.38.5/ Frame 7FFC 0
0 119ms
40ms Document
text/html 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-sdk/4.38.5/cross-domain-bridge.html

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type Content-Length Transfer-Encoding
age: 217299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=2592000, no-transform
content-encoding: gzip
content-length: 1142
content-type: text/html
date: Sat, 02 Nov 2024 02:52:47 GMT
etag: "c694926fa8d9549789a56bd1df21b8a8"
expires: Mon, 02 Dec 2024 02:52:47 GMT
last-modified: Mon, 28 Oct 2024 13:37:13 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-goog-generation: 1730122633298226
x-goog-hash: crc32c=CXfLbw== md5=xpSSb6jZVJeJpWvR3yG4qA==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1142
x-guploader-uploadid: AHmUCY2FJkt66KX-JedNgEZ7j44dhjkpnZEi83ij5khTEqG2k-wyHU1yVhm5EQMAp3NZPO5BXogYaqF141rnN9s

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
823 B 42ms
41ms Image
image/png 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=HnSO-4Rt-

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
etag: "3702ada73b8951017b8451cbd6a96523"
age: 37
x-goog-stored-content-encoding: gzip
expires: Mon, 04 Nov 2024 15:43:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 522
date: Mon, 04 Nov 2024 15:13:49 GMT
last-modified: Fri, 08 May 2020 09:06:13 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY0QfeUeq47BbBqJXEiCQ2SF52AjZs_8KTAmVfseWxp6Oup5dOUVz_kWIXhvYkURRx5GkcSPVcqr
strict-transport-security: max-age=7776000
cache-control: public,max-age=1800,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1588928773413784
content-length: 522
server: UploadServer

GET
H3 200 DefaultData-d851236d-75928269.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 2 KB
1001 B 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/DefaultData-d851236d-75928269.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fcf4ad57046af8b44b9f85d4398ca15757c54cdbdecfdfdf438266ff0bd996f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=XWJu0g==, md5=SaMto8XMmp9E1vKcwePDjA==
etag: "49a32da3c5cc9a9f44d6f29cc1e3c38c"
age: 610589
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 970
date: Mon, 28 Oct 2024 13:37:57 GMT
last-modified: Mon, 28 Oct 2024 13:37:23 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2qLM5tvUhklKD2HTaVuoacEnpyQWfhVSfvhaztxTzwxoAEX3VR32In2dQhSrk0RRfOCmY
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122643162145
content-length: 970
server: UploadServer

GET
H3 200 translations-en.json Show response
api.usercentrics.eu/translations/ 7 KB
2 KB 48ms
48ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-en.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

293c213205cd107ec18a50ae1f8a7b79915117d162cc58701a575def7c295d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=8/rfvQ==, md5=3gvV2wFCHwyIlwHnbgqquQ==
etag: "de0bd5db01421f0c889701e76e0aaab9"
age: 42338
x-goog-stored-content-encoding: gzip
expires: Tue, 05 Nov 2024 03:28:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2491
x-client-geo-location: DE,DEHH
date: Mon, 04 Nov 2024 03:28:48 GMT
last-modified: Mon, 07 Oct 2024 11:53:10 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3wQlQofXurwYj3pjg1oaRBtj3zgSkOyss-R6tAE0UPz9TVtsP5PLngWqRuKygCbK_jsUuRVqJyKA
strict-transport-security: max-age=7776000
cache-control: public, max-age=86400, s-maxage=86400
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728301990483385
content-length: 2491
server: UploadServer

OPTIONS
H3 200 translations-en.json
api.usercentrics.eu/translations/ Frame 0
0 63ms
62ms Preflight
text/html 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-en.json

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ushbc.blueberry.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Nov 2024 15:14:26 GMT
expires: Mon, 04 Nov 2024 15:14:26 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEHH
x-guploader-uploadid: AHmUCY2Naw54hVt6AZaj4oas6ujcxpYdWVHqozHnbCTVjat4HrBDBoD1ZNuiUbT3McQ7aeEj4cuvcdEc

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 248ms
113ms XHR
application/json 63.33.121.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2465582&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.121.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-121-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a1f839114ee99b1d8377f9a6492b7563656cc7d6e140919ed923256684413205

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Mon, 04 Nov 2024 15:14:26 GMT
content-type: application/json

GET
H2 200 nr-rum-1.270.3.min.js Show response
js-agent.newrelic.com/ 51 KB
16 KB 157ms
47ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.270.3.min.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6a679925dd5803444bf369c4fc29b893da0887fcecb4cf7a30a152240bed880

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "cda2a229d05e2c81810fc727654ec99d"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 16588
date: Mon, 04 Nov 2024 15:14:26 GMT
last-modified: Thu, 31 Oct 2024 19:08:34 GMT
content-type: application/javascript
x-served-by: cache-mxp6942-MXP
x-cache-hits: 72174
vary: Accept-Encoding

GET
H2 200 favicon.ico
ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/images/favicons/ 47 KB
10 KB 63ms
62ms Other
image/x-icon 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/images/favicons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09a68c09fdc6dcd2bcfb2a28eb6969c9042044c636cf7d6adf60a3c9a327c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-b-5955f47cc7-4ddpx
content-encoding: gzip
cf-cache-status: HIT
etag: "672085b2-ba76"
age: 511051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3TqdIraLGp6TzglQ2CyjonMeKUSb%2FtyPP7SqtnvshD%2FnI8Hf%2FKOOdHYParemNuuBCuHrY6ObA%2FQGF9SQVM9XMfw6rBaiE1tBxlFQiEGMZ4%2Fh2WxDWNJOcy4pSynf8PIFZmOcwPVRi4L7rYvFkid7rk%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 30 Oct 2025 16:48:47 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=41239&sent=644&recv=342&lost=0&retrans=0&sent_bytes=789490&recv_bytes=21008&delivery_rate=9705503&cwnd=723&unsent_bytes=0&cid=ce19fde9218c6394&ts=1487&x=0"
x-cache: HIT, MISS
date: Mon, 04 Nov 2024 15:14:26 GMT
content-type: image/x-icon
last-modified: Tue, 29 Oct 2024 06:50:26 GMT
x-served-by: cache-chi-kigq8000085-CHI, cache-fra-eddf8230091-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1730222215.055223,VS0,VE111
x-styx-req-id: aaeb30fd-9615-11ef-b89e-1af01b70491e
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dc26e019746-FRA
accept-ranges: bytes
content-length: 9951
server: cloudflare

GET
H3 200 DefaultUI-ce15e383-091a4d59.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 2 KB
789 B 47ms
46ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/DefaultUI-ce15e383-091a4d59.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

043b96d186740cbc6123374ca605a0d64dab716490de8139c5ad850752f3035b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=Beo4JQ==, md5=Em0QAeYPeJr7d+FPthYoHw==
etag: "126d1001e60f789afb77e14fb616281f"
age: 610589
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 758
date: Mon, 28 Oct 2024 13:37:57 GMT
last-modified: Mon, 28 Oct 2024 13:37:23 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2mwcwIb1QK2QRv9nfi6N6WpZKSkFxU2-xrrQn7aho90uJoA5nc4nKM05ZuUao5Ddo9nas
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122643609939
content-length: 758
server: UploadServer

GET
H2 200 favicon-32x32.png
ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/images/favicons/ 3 KB
3 KB 63ms
62ms Other
image/png 2606:4700:20::681a:fdc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ushbc.blueberry.org/wp-content/mu-plugins/blueberry-base/static/images/favicons/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fdc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f68700a036b19795e1fd1f5b9421c7861149665f83de59a416a618b5c59e380b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

x-pantheon-styx-hostname: styx-fe2-a-85cb54d4c7-9qknh
cf-cache-status: HIT
etag: "66e89d75-a05"
age: 1558309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJyHkArRHqy7%2F8RMZJuDHSQBfesDqJhxKsrW%2B6OZtqnqtKhw7DOCtoGEZDhJdJGC15qPHrw%2B0nhh4ZsoXAeZdylrgm2c2Rz0Pd44LrUosmAJymdg36Y0UYc0rxgwqTySbvGgXPUtK1WBb3RqfHWQ%2BMU%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 18 Sep 2025 19:55:22 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=45550&sent=654&recv=353&lost=0&retrans=0&sent_bytes=800301&recv_bytes=21118&delivery_rate=9705503&cwnd=733&unsent_bytes=0&cid=ce19fde9218c6394&ts=1559&x=0"
x-cache: HIT, HIT
date: Mon, 04 Nov 2024 15:14:26 GMT
content-type: image/png
last-modified: Mon, 16 Sep 2024 21:04:53 GMT
x-served-by: cache-chi-klot8100083-CHI, cache-fra-eddf8230105-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729174958.589353,VS0,VE6
x-styx-req-id: c6237141-752e-11ef-9402-c61c8e558048
via: 1.1 varnish, 1.1 varnish
cf-ray: 8dd58dc2de7a9746-FRA
accept-ranges: bytes
content-length: 2565
server: cloudflare

GET
H3 200 FirstLayerCustomization-6bbfcebc-788df697.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 3 KB
1 KB 41ms
40ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/FirstLayerCustomization-6bbfcebc-788df697.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

1a639c6b443b17ec6c6f50d2de9487ec53d78fd91adec25c8d84f4668be31242

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/DefaultUI-ce15e383-091a4d59.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=UpnfjQ==, md5=2LDc/qcgegTTxLD6UhkpRw==
etag: "d8b0dcfea7207a04d3c4b0fa52192947"
age: 610589
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1076
date: Mon, 28 Oct 2024 13:37:57 GMT
last-modified: Mon, 28 Oct 2024 13:37:24 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY371kKlzCdeRlqfC7XJQQGPu6q0OQ0CPJ2k4Gm-NSBVsIKH_9uPJ_r2kmlxtJ8TopY_uZg
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122644078383
content-length: 1076
server: UploadServer

GET
H3 200 ButtonsCustomization-1f94048f-20aa0dd3.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 473 B
267 B 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/ButtonsCustomization-1f94048f-20aa0dd3.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/DefaultUI-ce15e383-091a4d59.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=k1elSQ==, md5=xS0HojXBjZIGTVYd3VNb6g==
etag: "c52d07a235c18d92064d561ddd535bea"
age: 610589
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 236
date: Mon, 28 Oct 2024 13:37:57 GMT
last-modified: Mon, 28 Oct 2024 13:37:22 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY0RLVO_91LppMYxBHblQR23ac-12B6CPo4mCp69K1I50eclSIzaN5DwNwFzcDfsvZBIQLo
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122642449928
content-length: 236
server: UploadServer

GET
H3 200 SecondLayerUI-9cac3b05-6f65af64.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 567 B
349 B 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/SecondLayerUI-9cac3b05-6f65af64.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8395d72ab340a6fb7923d93b019bffa5570553f6762dc56eeb4e5ee603ae3dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/DefaultUI-ce15e383-091a4d59.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=Jv1vrA==, md5=lRsDP24MElAPmZcJkLrX2g==
etag: "951b033f6e0c12500f99970990bad7da"
age: 610589
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 318
date: Mon, 28 Oct 2024 13:37:57 GMT
last-modified: Mon, 28 Oct 2024 13:37:26 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY3eTMdDe6sj6rPFrEIwI4lqQjoibHC8heOP_JimR7KDDk0RzrXfQXwU1YTtu0fZk2nBF4g
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122645978523
content-length: 318
server: UploadServer

GET
H3 200 Taglogger-e8de1530-77a1d15a.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 1 KB
721 B 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/Taglogger-e8de1530-77a1d15a.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fab5cda5682da8425e7110db62aa4c2163e2bbd8e2eec76139e3b1451520fa92

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=AmlEtA==, md5=LO8Zegi54c1kSelQAmBIZQ==
etag: "2cef197a08b9e1cd6449e95002604865"
age: 610588
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 687
date: Mon, 28 Oct 2024 13:37:58 GMT
last-modified: Mon, 28 Oct 2024 13:37:26 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY1EU1xQIX8ewqoQk7DimiXlNBDLr9lXYZ_cm2misgu9223lzLXtjfNQtuNBWaeC4-rKiQo
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122646492664
content-length: 687
server: UploadServer

POST
H/1.1 200 NRJS-76099a2ade05836b1bd Show response
bam.nr-data.net/1/ 179 B
634 B 693ms
594ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-76099a2ade05836b1bd?a=734502715&v=1.270.3&to=ZQQDYhRYD0BUBkRcDFxOIFUSUA5dGhFVWBNeABVTS1wZR1AXXlQPHxMEUg9LBFBBSF5aF1sCBA%3D%3D&rst=5130&ck=0&s=9c921bcb998e0807&ref=https://ushbc.blueberry.org/you-are-leaving/&ptid=0f54092b785fcaa3&ap=393&be=3719&fe=1236&dc=565&at=SUMAFFxCHE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1730733261330,%22n%22:0,%22f%22:1,%22dn%22:3446,%22dne%22:3446,%22c%22:3446,%22s%22:3485,%22ce%22:3534,%22rq%22:3534,%22rp%22:3720,%22rpe%22:3725,%22di%22:4271,%22ds%22:4271,%22de%22:4284,%22dc%22:4953,%22l%22:4953,%22le%22:4955%7D,%22navigation%22:%7B%7D%7D&fp=4272&fcp=4272
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.270.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 97e0596d84a75131ab59b3f04d352a6bc158037c9a154c5e52362842895d2e20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

access-control-expose-headers: Date
timing-allow-origin: https://ushbc.blueberry.org
Connection: keep-alive
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://ushbc.blueberry.org
Content-Length: 179
date: Mon, 04 Nov 2024 15:14:27 GMT
content-type: text/plain
x-served-by: cache-fra-etou8220055-FRA

OPTIONS
H2 204 3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0
0 139ms
45ms Preflight
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://ushbc.blueberry.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 04 Nov 2024 15:14:26 GMT
server: Google Frontend
strict-transport-security: max-age=7776000
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 70e64e8cad56a30c723305aaf799307f

POST
H2 201 3 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
87 B 50ms
48ms Fetch
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

X-Request-ID: 1eebd076-46a4-41af-be3d-71965abcba7a
Access-Control-Allow-Origin: *
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=7776000
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 04 Nov 2024 15:14:26 GMT
x-cloud-trace-context: 15c1559363c29e6aba98ea3bdfd0546f
vary: Origin
server: Google Frontend
content-type: text/html

GET
H3 200 PrivacyButton-26e00a68.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 5 KB
2 KB 45ms
44ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/PrivacyButton-26e00a68.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

b9d5cb60efaca3c6eae5d3b497e5e81d30325da6951286b161b89335d3e1f1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=Sknc5A==, md5=EUX96I6VxLIy2kq75ux7Rw==
etag: "1145fde88e95c4b232da4abbe6ec7b47"
age: 610588
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2448
date: Mon, 28 Oct 2024 13:37:58 GMT
last-modified: Mon, 28 Oct 2024 13:37:24 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY1wmZDhNGBKZO_COfi20mRwYwfn-1zDo_4xEDlyjRO02TWYxdaVGCogOzD5HrvXeXZX_2o
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122644771913
content-length: 2448
server: UploadServer

GET
H3 200 index-1fd1f8a0.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 2 KB
849 B 46ms
46ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/index-1fd1f8a0.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

cd156e27a45444e7eaa90bda6656cf52fcd6b06b96e4abcf15717e724dbbf6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=rPecPA==, md5=nFbsqOs5acKZeW/ajmhpyA==
etag: "9c56eca8eb3969c299796fda8e6869c8"
age: 610588
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 809
date: Mon, 28 Oct 2024 13:37:58 GMT
last-modified: Mon, 28 Oct 2024 13:37:30 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2qvdh6VDdrXEL1kBxD838LtkNJQu281Jve6Uar8_iOfmqLhg7EhkD-DbJM0jCXakOB-2M
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122650938005
content-length: 809
server: UploadServer

GET
H2 200 uct
uct.service.usercentrics.eu/ 35 B
258 B 158ms
61ms Image
image/gif 34.95.108.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uct.service.usercentrics.eu/uct?v=1&sid=HnSO-4Rt-&t=1&abv=&r=https%3A%2F%2Fushbc.blueberry.org%2Fyou-are-leaving%2F&cb=1730733266484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.108.95.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Response headers

strict-transport-security: max-age=7776000
cache-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
function-execution-id: a6soicq5hdij
date: Mon, 04 Nov 2024 15:14:26 GMT
content-type: image/gif
x-cloud-trace-context: 019c38dc5c43e62ad46a4eb13cf0c2c2
server: Google Frontend

GET
H3 200 index-ad6779e2.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 5 KB
2 KB 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/index-ad6779e2.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

9173d0d924e96a7afb4fd2acfab5ddc7dcc69f0c3a1eb5e5a68c307f52818bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=EXL2PA==, md5=T+FRMip/i4oP1FxOS7Tvmw==
etag: "4fe151322a7f8b8a0fd45c4e4bb4ef9b"
age: 610588
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2112
date: Mon, 28 Oct 2024 13:37:58 GMT
last-modified: Mon, 28 Oct 2024 13:37:31 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2MuGES27RU_4PDW9Gvh1Zf8GkfC8XXA8z2cqJ-E9ESRfW8U7TE7Icv65bvxC_t8KJe5C8
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122651416522
content-length: 2112
server: UploadServer

GET
H3 200 SaveButton-08722223.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 1 KB
656 B 40ms
40ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/SaveButton-08722223.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

6d366b46e8048e40f0cdc37d4a9f1ee555a86465a5e76d19d6b9ef85adaafb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index-ad6779e2.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=LU+DFA==, md5=ETsM/BHN481tGto+GFGNBw==
etag: "113b0cfc11cde3cd6d1ada3e18518d07"
age: 610588
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 616
date: Mon, 28 Oct 2024 13:37:58 GMT
last-modified: Mon, 28 Oct 2024 13:37:25 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY0va6OhLVpid8dDr-x7C1iaEvzaZO5U08u9ELUsYnbj4A81KnnY0ZF4eH4brfPI-KqWiKk
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122645741737
content-length: 616
server: UploadServer

GET
H3 200 VirtualServiceItem-7d12293d.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 156 KB
48 KB 42ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/VirtualServiceItem-7d12293d.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

0bcf79e14fc025ab07f9187810e1bf6c87db8cf16a9efd07ae31c00afaf51dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index-ad6779e2.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=oqQ0fw==, md5=n+QpIS9t7ryBz3dvP1AQoQ==
etag: "9fe429212f6deebc81cf776f3f5010a1"
age: 610588
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 48658
date: Mon, 28 Oct 2024 13:37:58 GMT
last-modified: Mon, 28 Oct 2024 13:37:27 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY26G1iApF8lklXK0zINvVf4IP39zm8eJyyZ4Rz6PClUcHLYvu1TllAzKAyWOLX_6CYnTYQ
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122647373086
content-length: 48658
server: UploadServer

GET
H3 200 DefaultTabs-7a846b85.js Show response
app.usercentrics.eu/browser-ui/3.56.0/ 4 KB
2 KB 44ms
43ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.56.0/DefaultTabs-7a846b85.js

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fdeb65d19f2cb906342f9a610b6fbb2b149e629d02dd02fbdb37fa79e11ac0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ushbc.blueberry.org
Referer: https://app.usercentrics.eu/browser-ui/3.56.0/index-ad6779e2.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=Mm0gNA==, md5=A7tmF63qFT5swm3oKKuowg==
etag: "03bb6617adea153e6cc26de828aba8c2"
age: 610588
x-goog-stored-content-encoding: gzip
expires: Tue, 28 Oct 2025 13:37:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1697
date: Mon, 28 Oct 2024 13:37:58 GMT
last-modified: Mon, 28 Oct 2024 13:37:23 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY3mvvou54mVcNZI0WBoPNABv1MMooypc2Bjio9UqvYy_s13nuY4wwOq2ev8yQC50Uwsi2Y
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730122643385710
content-length: 1697
server: UploadServer

GET
H3 403 Primary Request / Show response
23iwqow0wsf.ipsl-k.com/ 10 KB
9 KB 216ms
148ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://23iwqow0wsf.ipsl-k.com/

Requested by

Host: ushbc.blueberry.org
URL: https://ushbc.blueberry.org/wp-content/themes/ushbc/public/js/blueberry-ushbc.js?ver=1730606850

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd6f9a97b1d502dbaee35b8b7a0fbbb7040faf05b1d005c3f32c54efca89971

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ushbc.blueberry.org/you-are-leaving/?redirect=https://23iwqow0wsf.ipsl-k.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: de8pOMbHFAW7rjM7EKEg/yQ/qzT63AvppsDlaMt9j/9tYKtjzaVCY+GEx8EyEg6oj9QxRVoGYDpufqiaxfPrFRs24t47TmaingJW5+jjJCHku+pajqNfTI5wz7Q/gnpR3QYB7U/rS1QukizZryi6RQ==$h4GwBMKSjyfq+E3hroL5Vw==
cf-mitigated: challenge
cf-ray: 8dd58dd1fc7adc74-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 04 Nov 2024 15:14:28 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDToAn2R%2FVArNcoe5fNZie6%2FpM%2BfhpSvRC2w0ypUyczTWqXlSIJCkyxOxERnLaEKUJNn7Xn49ewwzosZdIu3JjyHTq9HBISZUgCw%2Fh9K9mEHQk3xn%2FW4mmFlgXQx8MsEFrVEa%2F75X7at"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=49485&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4413&delivery_rate=660&cwnd=12000&unsent_bytes=0&cid=74660d1027376542&ts=149&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

OPTIONS
H2 204 graphql
graphql.usercentrics.eu/ Frame 0
0 142ms
44ms Preflight 2600:1901:0:7903::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql.usercentrics.eu/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://ushbc.blueberry.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 04 Nov 2024 15:14:29 GMT
strict-transport-security: max-age=7776000
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H3 200 v1 Show response
23iwqow0wsf.ipsl-k.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 101 KB
39 KB 47ms
47ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://23iwqow0wsf.ipsl-k.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8dd58dd1fc7adc74
Requested by: Host: 23iwqow0wsf.ipsl-k.com
URL: https://23iwqow0wsf.ipsl-k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849d7b4442014fa5c6509092928e46d7373459875d3c2d5648d55f5a2a665082

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://23iwqow0wsf.ipsl-k.com/?__cf_chl_rt_tk=klA4bkCNaI2SLRR_krGahGnArZBmWMb_LiKhFzHVAI0-1730733268-1.0.1.1-.yAvdLPSBEmQsYfyxoqoLY3yUEESBmJ4l3ozJqqjZb4

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4nZCvuVNYlMkypCRhOl1u5Th%2FB6Zc1kmQMFoozCKfCuCQwbbGWqdQ%2FagzjHP%2BqLy412IG6wm%2BB%2FaNHvbtUacDKBBAGySp6o5dtFBfT5rZZfD97qGttf2yt9nbAovR%2F2FP6Z%2FTYXbbxO"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd58dd2dee9dc74-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48840&sent=22&recv=13&lost=0&retrans=0&sent_bytes=13360&recv_bytes=5045&delivery_rate=194154&cwnd=12000&unsent_bytes=0&cid=74660d1027376542&ts=290&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 04 Nov 2024 15:14:28 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare
priority: u=3,i=?0

GET 16cbef60-2ab0-4e93-8c1b-e4c4b382106c
https://23iwqow0wsf.ipsl-k.com/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/ 47 KB
16 KB 71ms
36ms Script
application/javascript 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit
Requested by: Host: 23iwqow0wsf.ipsl-k.com
URL: https://23iwqow0wsf.ipsl-k.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8dd58dd1fc7adc74
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://23iwqow0wsf.ipsl-k.com
Referer

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8dd58dd3dee6e50a-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 15:14:29 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 28 Oct 2024 19:08:47 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 403 favicon.ico
23iwqow0wsf.ipsl-k.com/ 5 KB
5 KB 45ms
45ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://23iwqow0wsf.ipsl-k.com/favicon.ico

Requested by

Host: 23iwqow0wsf.ipsl-k.com
URL: https://23iwqow0wsf.ipsl-k.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691cb641323eae992c5d16ec024e6e2abf9cbfe06e78df8f945c946cf3c43cd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://23iwqow0wsf.ipsl-k.com/

Response headers

content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Djj1aIkJHsJp0Xp2MEFgPrctnWywC%2FWIX104mMuRnRLFquJYMzcCIAHy62NH4xJJ9%2Bm5e4ZOTwjWrkJXuUeKLx0z9FtmaRUM2l5V8IKvXXmS65Mpwz0yzvRIhS5gUd6HpcUTgw4xlbVA"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43599&sent=57&recv=23&lost=0&retrans=0&sent_bytes=53880&recv_bytes=5777&delivery_rate=672502&cwnd=26400&unsent_bytes=0&cid=74660d1027376542&ts=433&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Mon, 04 Nov 2024 15:14:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: K9IHEcMehnzfHcmTxoFlHG2vbJLORfjih7YuIcpPtV8SuyjsEFohKxg1cjyMZcFgnROOpoajpupNRvhQYS+xiVEmuzfekbV/cQEKtOodtsyZ1dzuB18RjWVpQjFJQMeQM0j0w4Tcev2nByNXI2xdNw==$li5XOuBN7yft4L1YYdjdEw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8dd58dd3c9a7dc74-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 403 favicon.ico
23iwqow0wsf.ipsl-k.com/ 8 KB
7 KB 48ms
45ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://23iwqow0wsf.ipsl-k.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8878728e57e5be5955519b0707cea1f66ae9e56d6ba223e6748ebf3e7695e62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://23iwqow0wsf.ipsl-k.com/

Response headers

content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rp30799gLK0fkA20wuJgNOXGcJUtIyaktv%2FTOjTYG7xA9B257lXp0hTkDDIHtepd2iJN6NB5CuW7KelDNYncdsr01MqL0OaSCThDkCHmOpcnoRgnu2%2FAr1t1DJWQOulCwYD2aJ8zGPlB"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43715&sent=65&recv=28&lost=0&retrans=0&sent_bytes=61160&recv_bytes=6305&delivery_rate=168234&cwnd=26400&unsent_bytes=0&cid=74660d1027376542&ts=537&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Mon, 04 Nov 2024 15:14:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: OZPCkDVBa+yOscAbojkwlHpCvsQL/xk4P+v8mDq7cuBYkosks0NXjfu7iC03P//rXos7+QHmc6gBMuWm0r0iWZ+E2LzOK0tdh+7vZh9HK2hSM8TRoevEPOAxXiEH7MkyPRY8PvDXAlnHt8BaM1T3MQ==$vTl5Ehba7hc9MjWVir6wLQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8dd58dd46b43dc74-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 AURhLvEi2mwZQEYCkQpGEpCnNqPHmoRysO.8fVCeJRM-1730733268-1.2.1.1-FjAOd3.YpCiO17XoKZfls4ei_P_CMvoh0V7gzCG45cX7gqg9u6C7EH1yz_bxTVBB Show response
23iwqow0wsf.ipsl-k.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1441072355:1730730502:yvwNvE83SN2TtUePA6bM4ahQaFCHf55wUSezFtOyCOE/8dd58dd1fc7adc74/ 13 KB
10 KB 64ms
63ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://23iwqow0wsf.ipsl-k.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1441072355:1730730502:yvwNvE83SN2TtUePA6bM4ahQaFCHf55wUSezFtOyCOE/8dd58dd1fc7adc74/AURhLvEi2mwZQEYCkQpGEpCnNqPHmoRysO.8fVCeJRM-1730733268-1.2.1.1-FjAOd3.YpCiO17XoKZfls4ei_P_CMvoh0V7gzCG45cX7gqg9u6C7EH1yz_bxTVBB
Requested by: Host: 23iwqow0wsf.ipsl-k.com
URL: https://23iwqow0wsf.ipsl-k.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8dd58dd1fc7adc74
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e18a88f0fb751e4ee193c6408906aef44f0537b1d82a6f70a57b63b390eac22

Request headers

Referer: https://23iwqow0wsf.ipsl-k.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: AURhLvEi2mwZQEYCkQpGEpCnNqPHmoRysO.8fVCeJRM-1730733268-1.2.1.1-FjAOd3.YpCiO17XoKZfls4ei_P_CMvoh0V7gzCG45cX7gqg9u6C7EH1yz_bxTVBB

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74Awz39q%2BVb6MEcS3mjX%2FxUC8T82VSz0pApKG%2Fsuayi1pIwHAzA%2B%2BZ9Twizlq5WU809etySKLbM1pUYnOVv%2FMeOzdg%2B13xObDXD2PGQxsHjZxvriqj7H8jptIKKzBens80z5YksZhRCM"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd58dd47b59dc74-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43715&sent=76&recv=33&lost=0&retrans=0&sent_bytes=68537&recv_bytes=11410&delivery_rate=168234&cwnd=26400&unsent_bytes=0&cid=74660d1027376542&ts=553&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 04 Nov 2024 15:14:29 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 4zTtVizWSA2gB5uzP/UjGHqTm739Xyr/4Y5Bt8wnAxIo7HU+xo2whkceZVJ6WfxVvHZW5I2FucY=$m4wkj7+zNbBGrhxR
server: cloudflare
priority: u=1,i

GET ba57908c-65fb-4f3c-b5f4-e7aa2f112c0f
https://23iwqow0wsf.ipsl-k.com/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iywg3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame F4FD 0
0 105ms
69ms Document
text/html 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iywg3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8dd58dd52e124522-TXL
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 15:14:29 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 23iwqow0wsf.ipsl-k.com
URL: blob:https://23iwqow0wsf.ipsl-k.com/16cbef60-2ab0-4e93-8c1b-e4c4b382106c

Domain: 23iwqow0wsf.ipsl-k.com
URL: blob:https://23iwqow0wsf.ipsl-k.com/ba57908c-65fb-4f3c-b5f4-e7aa2f112c0f

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ushbc.blueberry.org/	1970-01-21 10:11:28	Name: _pk_id.2.7355 Value: 8ebaf1a388df7a1e.1730733266.
ushbc.blueberry.org/	1970-01-21 00:45:35	Name: _pk_ses.2.7355 Value: 1
.blueberry.org/	1970-01-21 09:31:09	Name: cf_clearance Value: EoNIwb9ggl1n4qwlkkM8fwBTOCtzk0cvG6fTQGvxrEo-1730733265-1.2.1.1-e9zaoNaW1FVtcqRPzehwJYrY.3dn_qVm5pa4WKKxGECD9C3PyNCg5E6TLuhoiOfOpJxoVC6tE5v6mlLLeaQ5bPL8B0D5eRVtdsg47GIhHeNBC6tJZUsX.MbGFmqGJN_xVpJP88YUL5_lgPK3zoBYW6j6Q9h8p2i12dRz0TKL7NZ8AS.lxuu01z94syczjEM6fwQ_k4xJRbTOaVF0GjOK4TqjtfZOcxDUSJrDOrm3ALUvUP1VauRxmko45BroeQDPJ4bIHk5lx3KHPNzlZw1sXxf5En.lOhmBRIMGUN7p7cCbWyobZELitlPSl9tKibTujrQcDzFQPtL0uhP_3tjyzKSfYDeKiJeTql44.iq3URdc5I1liUBSj0A.PWClaxzZ
.blueberry.org/	1970-01-21 09:31:09	Name: _hjSessionUser_2465582 Value: eyJpZCI6IjkwYTc1NWFmLWI2NWEtNTFjMC1iZDgzLTRiMGZiZDAzZTE1NSIsImNyZWF0ZWQiOjE3MzA3MzMyNjYyNTMsImV4aXN0aW5nIjp0cnVlfQ==
.blueberry.org/	1970-01-21 00:45:35	Name: _hjSession_2465582 Value: eyJpZCI6IjYyMTkyNTc1LTU1ZDAtNDBlNy04MjdiLTE1ZWFlYjY1YTQxMyIsImMiOjE3MzA3MzMyNjYyNTQsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://23iwqow0wsf.ipsl-k.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://23iwqow0wsf.ipsl-k.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://23iwqow0wsf.ipsl-k.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23iwqow0wsf.ipsl-k.com
api.usercentrics.eu
app.usercentrics.eu
bam.nr-data.net
blueberry.matomo.cloud
cdn.matomo.cloud
challenges.cloudflare.com
code.jquery.com
consent-api.service.consent.usercentrics.eu
content.hotjar.io
graphql.usercentrics.eu
js-agent.newrelic.com
p.typekit.net
pro.fontawesome.com
script.hotjar.com
static.hotjar.com
uct.service.usercentrics.eu
use.typekit.net
ushbc.blueberry.org
www.googletagmanager.com
23iwqow0wsf.ipsl-k.com
104.18.94.41
104.18.95.41
13.33.187.74
162.247.243.29
18.157.122.248
18.66.102.51
188.114.97.3
2600:1901:0:1e38::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2600:9000:2724:4600:c:7d55:b3c0:93a1
2602:816:5001::39
2606:4700:20::681a:fdc
2606:4700:4400::6812:2844
2a00:1450:4001:80b::2008
2a02:26f0:3500:8::c16c:9908
2a04:4e42:600::649
34.95.108.180
35.190.14.188
35.241.3.184
63.33.121.64
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89
0405d39301cc6b0dc7a7e672665971ec14e22b722cbdd3bd9f07b1975035617c
043b96d186740cbc6123374ca605a0d64dab716490de8139c5ad850752f3035b
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0bcf79e14fc025ab07f9187810e1bf6c87db8cf16a9efd07ae31c00afaf51dcc
0bec4f5deafe105f91bd435fd9cb91a0e245618930ed100e0cf778485209dc98
1a639c6b443b17ec6c6f50d2de9487ec53d78fd91adec25c8d84f4668be31242
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
293c213205cd107ec18a50ae1f8a7b79915117d162cc58701a575def7c295d39
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
3e18a88f0fb751e4ee193c6408906aef44f0537b1d82a6f70a57b63b390eac22
466e8ade141a717b55121276af19697a7c88093584828ad280c5fa1687aadaf2
4d8172c10c1f0c362b6549e5dd18e47d563986fca39fbcf7b536924b71449221
58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5fcfc476846935a31d50f6e4acbf31f250db09e64d7fc8cb8e2bd053ac069ce3
65701b5a5dfab60fce085684eb153a51bee4bfe99f5030bef1343ad5d9a04de2
691cb641323eae992c5d16ec024e6e2abf9cbfe06e78df8f945c946cf3c43cd7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d366b46e8048e40f0cdc37d4a9f1ee555a86465a5e76d19d6b9ef85adaafb88
6e86acb86b70281e7ce92305e52eac23e65f0993ad0e898a4d497952c5495e7d
6f678e21b10ef44ae1f6b3d66f9ccedbeff32876662c1a41440ccd3b3bc09899
7bd6f9a97b1d502dbaee35b8b7a0fbbb7040faf05b1d005c3f32c54efca89971
7bf9a28b238c01cd8c92f2582fdd29b3b9460bddb22a462402c7b14e5c3155ae
8395d72ab340a6fb7923d93b019bffa5570553f6762dc56eeb4e5ee603ae3dda
849d7b4442014fa5c6509092928e46d7373459875d3c2d5648d55f5a2a665082
913d1e01fa048e7f7b3c7e08822f83c21f2567f3904eecd9588574a48057db03
9173d0d924e96a7afb4fd2acfab5ddc7dcc69f0c3a1eb5e5a68c307f52818bbe
97e0596d84a75131ab59b3f04d352a6bc158037c9a154c5e52362842895d2e20
987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1
a1f839114ee99b1d8377f9a6492b7563656cc7d6e140919ed923256684413205
a75d094caba33ac05120819a5fd16b225bcd6ceda6d4b507d6dac56d3bbd4320
ac4d274f3d6655d3d88831c7aec521183d3f6431c4cd964be15273ca49bc2ed6
b016764328c879a54b91d1ade982306d6d8996ec6406a433549cd104bac40138
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7
b9d5cb60efaca3c6eae5d3b497e5e81d30325da6951286b161b89335d3e1f1f4
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c8878728e57e5be5955519b0707cea1f66ae9e56d6ba223e6748ebf3e7695e62
cd156e27a45444e7eaa90bda6656cf52fcd6b06b96e4abcf15717e724dbbf6a0
cf09a68c09fdc6dcd2bcfb2a28eb6969c9042044c636cf7d6adf60a3c9a327c0
d32c5e3c815638ccc635e167e0267d94f33420eae6e450b3f403d40ac76aea6d
dbbe0d8ca25eef4edbbd3248feb22f8f9cc20ded608cd3e5c410f27bf7e97f92
e08eba9a503b82cab447dfefd6fa4e60768e6f6674af7cf6cbf6d56e64b013d2
e2aad820a3b1b20aa838aacd7b9e12ca91e8baf55955917fe6a7cc52a966e858
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a679925dd5803444bf369c4fc29b893da0887fcecb4cf7a30a152240bed880
e7de3b4b49089f8cdd8267eda652f35806cb2b70f7c5cec0351f6d129263e52b
ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f68700a036b19795e1fd1f5b9421c7861149665f83de59a416a618b5c59e380b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8942b15475d8e824e5d2457787d0e1f9862fd87cef806b4c86caa005dc62ae7
fab5cda5682da8425e7110db62aa4c2163e2bbd8e2eec76139e3b1451520fa92
fcf4ad57046af8b44b9f85d4398ca15757c54cdbdecfdfdf438266ff0bd996f8
fdeb65d19f2cb906342f9a610b6fbb2b149e629d02dd02fbdb37fa79e11ac0f5

23iwqow0wsf.ipsl-k.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

50 %IPv6

13 Domains

20 Subdomains

23 IPs

5 Countries

1931 kBTransfer

4792 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

23iwqow0wsf.ipsl-k.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

50 %
IPv6

13
Domains

20
Subdomains

23
IPs

5
Countries

1931 kB
Transfer

4792 kB
Size

5
Cookies

67 HTTP transactions
1 data transactions