theground-up.com Open in urlscan Pro
2606:4700:3035::ac43:9020 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://utilityflag.com/
Effective URL:
https://theground-up.com/flags/
Submission: On March 14 via api (March 14th 2024, 3:32:26 pm UTC) from BE — Scanned from DE

Summary HTTP 79 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3035::ac43:9020, located in United States and belongs to CLOUDFLARENET, US. The main domain is theground-up.com.
TLS certificate: Issued by E1 on February 24th 2024. Valid for: 3 months.

This is the only time theground-up.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
24	2606:4700:303... 2606:4700:3035::ac43:9020	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26e... 2600:9000:26e8:2200:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::42 2620:1ec:bdf::42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:214... 2600:9000:214f:0:19:d7e:67c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	52.92.224.184 52.92.224.184	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.10.27.76 52.10.27.76	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
79	20

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

utilityflag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3035::ac43:9020 (United States)

ASN13335 (CLOUDFLARENET, US)

theground-up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26e8:2200:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:0:19:d7e:67c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cstatic.x-cart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.224.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.27.76 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-27-76.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	theground-up.com theground-up.com	585 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	794 KB
11	paypal.com www.paypal.com — Cisco Umbrella Rank: 2921 t.paypal.com — Cisco Umbrella Rank: 3536	244 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2609	73 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 753 e.clarity.ms — Cisco Umbrella Rank: 7105 c.clarity.ms — Cisco Umbrella Rank: 1385	28 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2629	33 KB
2	trustedsite.com 1 redirects www.trustedsite.com — Cisco Umbrella Rank: 21562	2 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 12575	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	170 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	760 B
1	google.de www.google.de — Cisco Umbrella Rank: 6932	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 90	255 B
1	x-cart.com cstatic.x-cart.com — Cisco Umbrella Rank: 280244	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	3 KB
1	utilityflag.com 1 redirects utilityflag.com	301 B
79	16

	Domain	Requested by
24	theground-up.com	theground-up.com
9	www.paypal.com	theground-up.com www.paypal.com www.paypalobjects.com
7	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	theground-up.com www.gstatic.com www.google.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	e.clarity.ms	www.clarity.ms
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	c.clarity.ms	1 redirects
2	www.trustedsite.com	1 redirects theground-up.com
2	t.paypal.com	theground-up.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	region1.analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	theground-up.com www.clarity.ms
2	cdn.ywxi.net	theground-up.com
2	www.googletagmanager.com	theground-up.com
1	c.bing.com	1 redirects
1	www.google.de	theground-up.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cstatic.x-cart.com	theground-up.com
1	fonts.googleapis.com	theground-up.com
1	utilityflag.com	1 redirects
79	21

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com

Subject Issuer	Validity	Valid
theground-up.com E1	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.ywxi.net Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
cstatic.x-cart.com Amazon RSA 2048 M01	`2023-09-26` - `2024-10-24`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-01-23` - `2024-12-31`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://theground-up.com/flags/
Frame ID: 9F6561176CB982B52AB528875953B9A7
Requests: 54 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_sumooymhhzxceqylpwcvbomuimypfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVQyV0Q3V1pvREZ4VncxWTVwRXVYN3FUcEs2Mlc3Smg3YVdMdVMyanZ6YmtNLU9yNm52Y2piWHFaYWRNS0hxUU9OSEt5dUpadlZEQ2FfdS0mY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNvbW1pdD1mYWxzZSZlbmFibGUtZnVuZGluZz1jcmVkaXQlMkNwYXlsYXRlciZkaXNhYmxlLWZ1bmRpbmc9Y2FyZCZjb21wb25lbnRzPWJ1dHRvbnMlMkNmdW5kaW5nLWVsaWdpYmlsaXR5JTJDbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJYQ2FydF9TUF9QQ1AiLCJkYXRhLXVpZCI6InVpZF9zdW1vb3ltaGh6eGNlcXlscHdjdmJvbXVpbXlwZmkifX0&env=production&scriptUID=uid_sumooymhhzxceqylpwcvbomuimypfi&version=1.58.0&integrationType=SDK
Frame ID: 98F62629050479C2847F8C3FCF7CA7FC
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg
Frame ID: 7ADB5192C4B72EA9EC5166CA0577D06D
Requests: 8 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 0C98DCC04C7AC68F316915C04C55E0A9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg
Frame ID: C61FEA3DE07E20F1259D7C21BA0917FD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flags

Page URL History Show full URLs

http://utilityflag.com/ HTTP 301
https://theground-up.com/flags/ Page URL

Detected technologies

X-Cart (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

[a-z\d]{32}(?:;|$)

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

79
Requests

96 %
HTTPS

62 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

1996 kB
Transfer

6120 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://facebook.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://utilityflag.com/ HTTP 301
https://theground-up.com/flags/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.trustedsite.com/rpc/tmjs/theground-up.com/visit?rand=1710430332126 HTTP 302
https://www.trustedsite.com/rpc/tmjs/theground-up.com/visit?rand=1710430332126&hash=1710430332714

Request Chain 72

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FAB3631285A943ECB0A9F47154D7DBC9&RedC=c.clarity.ms&MXFR=299EE146838C6B040BCDF504878C654D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAB3631285A943ECB0A9F47154D7DBC9&MUID=08486AD422D061A20C957E9623D0601E

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
theground-up.com/flags/
Redirect Chain

http://utilityflag.com/
https://theground-up.com/flags/

767 KB
107 KB

444ms
400ms

Document
text/html

2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ffa959a58b884531b2eb7d7ce4b63f5c3aa599b53257eee24b1959c3d0767ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: theground-up.com *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8645509f4da91c07-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 14 Mar 2024 15:32:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 14 Mar 2024 15:32:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQqjBtPCc6IyCofCih83GYlWZhNopc4IqUaBxRaIMY9C24EygrPlQnaxdIrebV0KuEQJCzX9SBR5AyyeDkjC9CUh2exT5oiVcpGeTnqVZXtAMEBs8OI4zn4ljSMoTa%2BcLKSHBwm2%2FpiPpJnjTmrk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 66
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 15:32:10 GMT
Location: https://theground-up.com/flags/
Server: ip-100-74-3-86.eu-west-2.compute.internal
X-Request-Id: 49e2f9de-fe1e-4a4b-a17b-8f6258d02ba4

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
95 KB 51ms
29ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5J3JNS8WHX

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aff7fde596761e81a00794bff66fedeb68ba631dec08de21c1ca11cbea6c072d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Mar 2024 15:32:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
75 KB 31ms
25ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWJPP2J

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

685be2145873e38d3a182a6c2f6420a1db595652214c539f603cdf4ba88c5849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76449
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Mar 2024 15:32:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
3 KB 47ms
18ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic%2Clatin-ext&1708220266

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0992346cd54b2d0228f8b81ea065466976fc86c0132deb7af95e2264920575ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:32:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 15:32:11 GMT

GET
H2 200 spacer.gif
theground-up.com/skins/customer/images/ 43 B
454 B 37ms
34ms Image
image/gif 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/images/spacer.gif
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81604
alt-svc: h3=":443"; ma=86400
content-length: 43
last-modified: Sun, 29 Oct 2023 01:39:32 GMT
server: cloudflare
etag: "653db7d4-2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lulfmnKDMX7ENzpow6JuAstGWH4ZbXYKTT7Rh0zRTMpFcisApFsImpSSL%2FXt8bfPd0EiVLdfpJGlrGEUfG1GC1JKP2mAKYwcyNO26WLsHLfd9etna2WGjPJg%2FTZwrKh%2F2wc9ePvfGWtbdGOHKkIt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a249721c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_gUs_Logo_-_Higher_Res_copy_2.jpg
theground-up.com/var/images/logo/450.120/images/simplecms/ 13 KB
14 KB 29ms
28ms Image
image/jpeg 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/var/images/logo/450.120/images/simplecms/logo_gUs_Logo_-_Higher_Res_copy_2.jpg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f62a9f76ba9060bccc590ca6a56be0d349541e73b48996b0113bf6d31f1fd06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37305
alt-svc: h3=":443"; ma=86400
content-length: 13623
last-modified: Fri, 23 Feb 2024 06:00:16 GMT
server: cloudflare
etag: "65d83470-3537"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3YcHKpnBjmjAvHnDwLPa0BeZyA%2FPuYlO0Vd2PpOKJWaytw4TlYKEba5dmLuPW4mHYacgZ15fGDv3%2F6Am8xst%2B0lml1J%2FnUyBR4JK7KL%2Fqz5H1N3WlQt9yxzxCwokeJC5IBq7vWArKG3JM09kZGA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a249761c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 paypal_accept.svg
theground-up.com/skins/customer/modules/CDev/Paypal/header/ 6 KB
3 KB 27ms
26ms Image
image/svg+xml 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/modules/CDev/Paypal/header/paypal_accept.svg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c730c8186a90632fd88af24c0eb25792826001f382c64d6f97eb24d7945c094b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37305
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 29 Oct 2023 01:39:36 GMT
server: cloudflare
etag: W/"653db7d8-1626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lTd4O5Q%2B%2Fv8M%2B5d1WAZhTuCRUqRxE2x0WrYnKGrHzDeNyHy%2FxvzX8wGesZFnwjB9%2BuBuFPIkoPhUgDAbr0fyixdEuBgZXLH5%2BOzkRIiFGJ8E3Vjcw0MFAg2WlYbUfGa8ZqFLb14gLjDEEfPOaLVF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a249771c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4524W-scaled_1.jpg
theground-up.com/var/images/product/120.150/ 2 KB
2 KB 25ms
17ms Image
image/jpeg 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/var/images/product/120.150/4524W-scaled_1.jpg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a75525976e1adb1500f994a84bd54f4c26854af47d962c359c7bbcec4c49c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12726
alt-svc: h3=":443"; ma=86400
content-length: 1619
last-modified: Mon, 17 Apr 2023 05:00:48 GMT
server: cloudflare
etag: "643cd280-653"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AF%2Bw6m8jX4bveI1z0Wr0S%2FMJclkGyMio%2BIBOmXOTtHmp%2F3%2BRUD8nrdSGyX7pC%2BhU8Zh8S%2FXcgLcv5dDWluWOMWaMovmBh2%2Fev1op3TxBqzLaeUKIMpyuuvMhd%2B%2FCgu5dq5RPIdUAs7RJQEkWQ5fV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a259831c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FLAGS%20-%20MULTICOLOR.jpg
theground-up.com/var/images/product/120.150/ 5 KB
5 KB 24ms
17ms Image
image/jpeg 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/var/images/product/120.150/FLAGS%20-%20MULTICOLOR.jpg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e5c93e17f8389271eaecd4d02715c987db78c01926e0ebb8e68f9e681c236a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12726
alt-svc: h3=":443"; ma=86400
content-length: 5054
last-modified: Wed, 03 May 2023 05:00:13 GMT
server: cloudflare
etag: "6451ea5d-13be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7sBc%2F79OdrjzGz0fBGFagZHmTM5ZYz9ZmeBpgC8Ts%2Fnp4Sfwoh6FS0V9BfO9CrGmlCtSWDeYB4t5T05ylqJTDzI3TT0gYpBUTrMBR1cLg8c62FmNSTnMbrF5%2BtM%2FaDh9gAhpCw4RWFwNETgdgwE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a259841c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 presco-marking-flags-printed-01.jpg
theground-up.com/var/images/product/120.150/ 5 KB
5 KB 35ms
28ms Image
image/jpeg 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/var/images/product/120.150/presco-marking-flags-printed-01.jpg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550e2f01717d8c44552dffec32155e5194eaa565731bcc28952a31f8ba4fdc16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12726
alt-svc: h3=":443"; ma=86400
content-length: 4729
last-modified: Sun, 07 May 2023 05:00:11 GMT
server: cloudflare
etag: "6457305b-1279"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBr%2FXuA4fXYw8yE41SmSv%2FwqsNoT2p%2BJxkbw%2FsUKfJoE9IBIpp0DVNMDIR65p0az9dx4uiHkfS360IX5zW2%2F7ADGZrxdwhNY%2BteMt9MIMSa9xX7U0SzrAzvG2%2BTb1CY9UYN0FpUy1TOPsaT%2Ba%2B8g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a259861c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 payment_cards1.jpg
theground-up.com/var/theme/images/ 6 KB
6 KB 439ms
434ms Image
image/jpeg 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/var/theme/images/payment_cards1.jpg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4c1a9688eda2741960073e2beef0ad720929b37817347327bbe1d80f33e8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Apr 2023 05:00:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6438dde9-175e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQWFISKFn2qNKh2ILlyuJuKnWr0U08bVlt3CjxUF6PfHqyRpddK5vXjUVkg4ufLx37fMfwvPwfG3AB0K0bfQoBKqYeWYt%2FKCp2FZz2B8YDSYiyq2AyKMFm3mOgsl2zR1bUc2H0qq3yYsMfexVABJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 864550a259881c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5982
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter_icon.gif
theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/ 2 KB
2 KB 25ms
20ms Image
image/gif 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/twitter_icon.gif
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98bcb6fbf4247534a2cb1c106e6f16372ba5845205aba896753e22de8835396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37299
alt-svc: h3=":443"; ma=86400
content-length: 1556
last-modified: Sat, 29 Jul 2023 06:56:38 GMT
server: cloudflare
etag: "64c4b826-614"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGhaT3qgrqME5jQ3PZ7rARcAEpRXVKmFYp38hK1GZq%2BDG2vb1Ol45soyDpOob2IO%2FSuThg4Oeq5iX3zGELlH3QhB3E3u7WoGvtGLLH%2FG1FzhM11Lop5jLiJ5a9L1zrUChhEhyG5LNzJcOf3q%2Bism"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a2598a1c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook_icon.gif
theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/ 1 KB
2 KB 27ms
22ms Image
image/gif 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/facebook_icon.gif
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0367760eb42404f2514e2eae6e52c511c100bc0bd5c1054da1ea6203acd2a70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81591
alt-svc: h3=":443"; ma=86400
content-length: 1512
last-modified: Sat, 29 Jul 2023 06:56:38 GMT
server: cloudflare
etag: "64c4b826-5e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWpD16ApQpZbams257NHMBuYhTK4PLJQMDAr8OeTuzi6EZkeXTmf6VFWSSpicw3CJVlft2w31Y8zWAyWj5iHQ7joIxUQMPX%2FEpIjamM53XrOUpTu8F2OfSlSNqaBwr0gDKF38JN%2FbQTmvuA2L31B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a2598c1c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 55ms
20ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&hl=en&onload=initRecaptchaV3

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2eba3fb1c25b942b8384e11d244775f392f95ed27d5a5aedd8396dfd19b9d23e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 14 Mar 2024 15:32:11 GMT

GET
H2 200 4da76758efc8fccfea037558e82c1c27ae334a1432ccc56b8cba1c1b22dd089e.js Show response
theground-up.com/var/resources/js/ 925 KB
262 KB 40ms
36ms Script
application/javascript 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theground-up.com/var/resources/js/4da76758efc8fccfea037558e82c1c27ae334a1432ccc56b8cba1c1b22dd089e.js?1708220266
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a7c0e1dbee0c377cd333c76ddfbafa149af46cd903fb407ecd00cda66038d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12726
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 18 Feb 2024 01:48:05 GMT
server: cloudflare
etag: W/"65d161d5-e74e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5UtHilYspnMkj3ciBg8%2BIqsjmZPt0c6gcDr93SFtPQ1eKnhSDXmLXSrGL%2BVoZOnr12AvkG%2BDDDW7Nxh04CDzy9k0Of0MBKf9%2F6mM6XG8NQ2DRkpjQUVWHxOjqL3ha4XR0Pn1OuOUMdzyK04P64m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a259871c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 20 KB
6 KB 77ms
7ms Script
text/javascript 2600:9000:26e8:2200:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:2200:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

202d372cffb91ff15e9a50be3447686baa04f58bce3b355321b6b9659781080a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
age: 2985
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4830
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B36F5455362C43C9BA7A1139955020D80EB140F7E000000000000000000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: qTKNSjfQVYTYQoMNFPw8WEV_1aihnjxZAjvB9x9w0KMf4keYo3g9FA==
expires: Thu, 14 Mar 2024 15:42:25 GMT

GET
H2 200 find.svg
theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/ 2 KB
1 KB 26ms
25ms Image
image/svg+xml 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/find.svg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59f0a4a4f8ce5d9367f4d44b448326e3dd364626920823aef80d091cf0d8656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37301
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Jul 2023 06:56:38 GMT
server: cloudflare
etag: W/"64c4b826-669"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NvvR1xOQqJJiR1VBePbYXeq8Tc8ui4O604E8EayRw%2FlBTrF0ZyFykVdTmosR8PPVQALZi%2FnLz0dQQH3CmEjmmrWrmcvfiwRjvKz4wI8lsPJsae0gTavMegEKTNjecZP5giG1HhIL%2FU2Mp9xEBv2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a279b21c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cart.svg
theground-up.com/skins/customer//modules/QSL/UltimateSkin/images/ 1 KB
1014 B 45ms
45ms Image
image/svg+xml 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer//modules/QSL/UltimateSkin/images/cart.svg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a56d2d848588826443bb7e70b9f09c887cf3b04bf05197547c03d03b904be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37301
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Jul 2023 06:56:38 GMT
server: cloudflare
etag: W/"64c4b826-46e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5cH27VQfhPdISgU9NMETMI32ewZtQH8ioqguK%2FerkgLT%2B3JDWaF1DfKdZ118L1cwpxNYIE9aZYN1zIyFRJ%2F6RINy4OPSLMMruXcm%2BURRYebrQzUc9UCD7COtXSzqAUAoBcr1InwNDY63xx2ZSSpQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a279b31c07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow-up.svg
theground-up.com/skins/customer/back_to_top/ 1 KB
1 KB 43ms
42ms Image
image/svg+xml 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/back_to_top/arrow-up.svg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1e54ca954b72368876e44cf7db3de3a5b6e51788c82ca3fa938c7a91b58f07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37301
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 29 Oct 2023 01:39:32 GMT
server: cloudflare
etag: W/"653db7d4-44b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FL%2FJgfVGulQZAdRfzMFIG4cHDMmt7u%2BB2eLBUKPLEl8cW1fOMRVi5AXMEML%2BMz5J%2F4%2BUNTTB2XpNn1yUyR84fWBHj6IIn6bhNvTpw0UBWFOmMRW5re06%2BvyEDEhXlGdG5AiBrxHjYM4XTf5pzDjo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a279299bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 comments.svg
theground-up.com/skins/customer//modules/QSL/UltimateSkin/images/ 2 KB
2 KB 42ms
42ms Image
image/svg+xml 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer//modules/QSL/UltimateSkin/images/comments.svg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2e05dfaa141eb01aa690d4e27f4e363d22a9636de4bdff7883235023aa305a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37298
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Jul 2023 06:56:38 GMT
server: cloudflare
etag: W/"64c4b826-7b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkETmzlLc1%2FXDaaA0yYtAUJGf7RXbQP9Q9acpLCWrcKB7oolO8k%2Fdqreg7inAHVoLg1BjmnuJBH7%2ByyLcsQSc48vSUxARmSDKTnRRbqYw0E7ZxdSJTLo2xGbhJOKrjwCdDI0lZGu3qU4nZTK6BhL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a2792e9bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 truck.svg
theground-up.com/skins/customer/modules/XC/FreeShipping/images/ 2 KB
2 KB 42ms
42ms Image
image/svg+xml 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/modules/XC/FreeShipping/images/truck.svg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820042b266d72110690c938cc7a689dd5151d342d27ba18cbaf31816463ab65d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37299
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 23 Mar 2022 08:02:08 GMT
server: cloudflare
etag: W/"623ad400-8b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ERyA2RCj6SbSWj8KcVR2haKHLdt7I5mgABAwYDuJqBUPjWNd3TRQj93cqnq4wL4ZH8U1PZj40Zwh3Scaj6Z9Z0rGQNctj8agUJXG67Ve95iQtOHNDResUNLhzI9hrxOiBkzpETuZ3gWlADbgMFI"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a2792f9bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cart_button.svg
theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/ 1 KB
1 KB 42ms
42ms Image
image/svg+xml 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theground-up.com/skins/customer/modules/QSL/UltimateSkin/images/cart_button.svg
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9416fb5f887810752aa581ffadede201f9d50b8b4eee208311cf6191602e8fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37299
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Jul 2023 06:56:38 GMT
server: cloudflare
etag: W/"64c4b826-46e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6O8FNRe2bxOVSKoYbX3eNViVNrVs3SeUOIE7LNC7sDs4savpxExRuO9dt3iZYh%2B9%2FMgnhbITs%2FcE%2B3pLQZBj7CiOl3V1d7h4TTIlNt2IcSH%2FLAZtK%2FjEpClovCuEYLUlECMXdta5EbpbpIU1jta"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a279319bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
theground-up.com/skins/common/css/fonts/ 70 KB
71 KB 33ms
32ms Font
font/woff2 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theground-up.com/skins/common/css/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://theground-up.com/flags/
Origin: https://theground-up.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64422
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Sun, 29 Oct 2023 01:39:34 GMT
server: cloudflare
etag: "653db7d6-118d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXIMGfmQC7Kw8M8%2FdXNYwAkT9ugZLaqZ9TTT9EJHo8JLSlrXyDLfo1zxG2%2Bn4poub1IdMFghzJXrN4bi0AHRz4RF%2FlvtmSmD9ADtDMN7%2BKoKLR1AyWh6MDxlPEouVjHSst5dn3l002JQmZnccjt%2F"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 864550a279359bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gn1c9pf6hk Show response
www.clarity.ms/tag/ 650 B
1014 B 191ms
131ms Script
application/x-javascript 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gn1c9pf6hk?ref=gtm2
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aa11e20c6182bb2e02a5d68e9c38ee6d80ea2cf353985f6170b048e7f2eb07e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: -1
date: Thu, 14 Mar 2024 15:32:11 GMT
x-azure-ref: 20240314T153211Z-nqvh1z725p5cb8uvpzss2380kn00000000rg00000001uqva
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 / Show response
theground-up.com/ 106 KB
7 KB 519ms
518ms XHR
text/html 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theground-up.com/?target=main&widget=XLite%5CView%5CSlidebar&_=1710430331404

Requested by

Host: theground-up.com
URL: https://theground-up.com/var/resources/js/4da76758efc8fccfea037558e82c1c27ae334a1432ccc56b8cba1c1b22dd089e.js?1708220266

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee85cdac67b72b3be07341b37b0ba2104a267969f81fb26421b0d63bd53ccdde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: */*
Referer: https://theground-up.com/flags/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
ajaxRefererTarget: category
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/html

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
last-modified: Thu, 14 Mar 2024 15:32:11 GMT
server: cloudflare
event-messages: []
vary: Accept-Encoding
x-frame-options: sameorigin, SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: theground-up.com, , *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIzk8jPfR6lI60YJtKUYM2gA9SFyE5AMhyz0OvDDsHV8KELAv2VQ2TRcuRRaNmSzUpGgSN8XrsiSvnQZec%2Fp1LKc3IrPW28QjaT20CzDYw8CSqTLgcWiLu7C1oZ1C%2FnYuRmHwTXAX%2BFFB%2F%2BQlowI"}],"group":"cf-nel","max_age":604800}
cf-ray: 864550a36a449bef-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cloud_search_xcart_v2.js Show response
cstatic.x-cart.com/ 211 KB
48 KB 56ms
8ms Script
application/javascript 2600:9000:214f:0:19:d7e:67c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.x-cart.com/cloud_search_xcart_v2.js
Requested by: Host: theground-up.com
URL: https://theground-up.com/var/resources/js/4da76758efc8fccfea037558e82c1c27ae334a1432ccc56b8cba1c1b22dd089e.js?1708220266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:0:19:d7e:67c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 494aa95dbde2cf668b66797d70aae232f24196dae9f3ebb72ad1ebe9b31f3135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 01:50:22 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 13:58:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 49309
x-amz-server-side-encryption: AES256
etag: W/"9ea255eae1c39ad2cbd8020008ac5b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: zNktC533GoLxjdGw0SC7BusEJc0GVUWlu1DsvEE4ALlbT0wZT6YC7Q==

GET
H2 200 js Show response
www.paypal.com/sdk/ 417 KB
116 KB 42ms
19ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AT2WD7WZoDFxVw1Y5pEuX7qTpK62W7Jh7aWLuS2jvzbkM-Or6nvcjbXqZadMKHqQONHKyuJZvVDCa_u-&currency=USD&intent=capture&commit=false&enable-funding=credit%2Cpaylater&disable-funding=card&components=buttons%2Cfunding-eligibility%2Cmessages

Requested by

Host: theground-up.com
URL: https://theground-up.com/var/resources/js/4da76758efc8fccfea037558e82c1c27ae334a1432ccc56b8cba1c1b22dd089e.js?1708220266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b72eb89f388551b31c981bc6cdd82a53c6c3a4419aaeeeaf090d5461119095d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 14 Mar 2024 15:32:11 GMT
age: 855
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f6369531e641f
server-timing: "traceparent;desc="00-0000000000000000000f6369531e641f-babd00b410b1d811-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 116770
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230040-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6369531e641f-44535731096652d4-01
x-timer: S1710430331.461021,VS0,VE9
etag: W/"1c822-SP6P10r45gqSw/uqbnnw4PbrIEw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5J3JNS8WHX&gtm=45je43b0v9108302482za200&_p=1710430331194&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1346265439.1710430331&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1710430331&sct=1&seg=0&dl=https%3A%2F%2Ftheground-up.com%2Fflags%2F&dt=Flags&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.debug_mode=true&tfd=797
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5J3JNS8WHX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 15:32:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theground-up.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 65ms
21ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5J3JNS8WHX&cid=1346265439.1710430331&gtm=45je43b0v9108302482za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5J3JNS8WHX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 15:32:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theground-up.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 57ms
33ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5J3JNS8WHX&cid=1346265439.1710430331&gtm=45je43b0v9108302482za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1867699932

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 15:32:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic%2Clatin-ext&1708220266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theground-up.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 225678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 00:50:53 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 21ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theground-up.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:54:25 GMT
x-content-type-options: nosniff
age: 95866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 12:54:25 GMT

GET
H3 200 49f72d833fdd41143c9c36dd746d153f987cf6dce8fabf091cd490f8d9dc861f.css Show response
theground-up.com/var/resources/css/https/all/ 68 KB
17 KB 20ms
20ms XHR
text/css 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theground-up.com/var/resources/css/https/all/49f72d833fdd41143c9c36dd746d153f987cf6dce8fabf091cd490f8d9dc861f.css?1708220266
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d2a4acab20c3fda02ceb3e7e1359c14bd1e9d4e022ffedb0b3627e24cd2ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64422
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 18 Feb 2024 01:38:37 GMT
server: cloudflare
etag: W/"65d15f9d-10ff9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4i6pdyryk6AeX%2BPYnCQh%2FH7vN9yow9DYDWS3H7R9fdctiwAXHTobaM0FxwPWG8m5OeOP2L3tI5IMq7MnOyMS5tJJRfTsuw9vTWF%2Br3Qcfn5CUleAyMIyy5x9xCzoLUXRCJrPbLg7EpourpFU12Sv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a40af39bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 16dc32b18e4e91e5d571b4e0e606b793422f0665ebce587d5f58620140711ee4.css Show response
theground-up.com/var/resources/css/https/screen/ 305 KB
45 KB 27ms
26ms XHR
text/css 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theground-up.com/var/resources/css/https/screen/16dc32b18e4e91e5d571b4e0e606b793422f0665ebce587d5f58620140711ee4.css?1708220266
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563ed8cfea4c9d873da3aaaefbcee1eb629a784e523e6d673ab5307288ca68aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17399
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 18 Feb 2024 01:38:52 GMT
server: cloudflare
etag: W/"65d15fac-4c518"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmg74T588rgcsSK7ZkcL2e2aVeoFGZapXT8bJF8PbS0qC5IvoC2PjMZUVpfbpDOz8F87qUeXAvktJ0qvCtHybQg%2BEzMFcq%2Fv%2FtfBIoWL7YYZD0N7EqD5WIqhOwa3Ys3RQmcgoOh4V9%2BNYBkrx%2BFW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a40af49bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 e0364007fdb59b17abc3ae35e14db7ffb8cb3e38978e7877be38f6bd7c8a9d27.css Show response
theground-up.com/var/resources/css/https/all/ 142 KB
28 KB 29ms
28ms XHR
text/css 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theground-up.com/var/resources/css/https/all/e0364007fdb59b17abc3ae35e14db7ffb8cb3e38978e7877be38f6bd7c8a9d27.css?1708220266
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b2faf2b1bdabee4bee92fc29d42c41819fd24dd044d84f2aaa291102b139abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84158
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 18 Feb 2024 01:39:10 GMT
server: cloudflare
etag: W/"65d15fbe-237b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qaJhV5POepRJSW0tzrSYfAunxO1JAaHgpRc7qXqbEmqphG487bq451GwjfgrzQ9ecakUPnlA5jfI5JwPUTNlAL%2BwTaa95LLfh3hBwsF4Z%2F8e9Dz%2BJ0b%2B%2BTX7LNbIEPu8J8VASNnyJ2vC0Ch%2FH53n"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a40af89bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 56a3887003681ac29c838a2d53dd6197178f0fc803dafa0966d10be70abd7f13.css Show response
theground-up.com/var/resources/css/https/print/ 953 B
942 B 21ms
20ms XHR
text/css 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theground-up.com/var/resources/css/https/print/56a3887003681ac29c838a2d53dd6197178f0fc803dafa0966d10be70abd7f13.css?1708220266
Requested by: Host: theground-up.com
URL: https://theground-up.com/flags/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bbbbf62db6722ca2e5953cd5704a55122296fc0a7e9977973d7edc560713900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64422
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 18 Feb 2024 01:38:32 GMT
server: cloudflare
etag: W/"65d15f98-3b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTfFsrZJFPlL3GLsujf2pr%2BH8V2MduIgF2dmZcct6pd5yAbA0lkLC%2Ff%2BkQ3D1Dwz20j0WdLe7RBLSREegxiq1tcdSRjJoxB5Ml56hMO802e%2FRmsbonmslACjuWZE8%2Fecxxmw07I2QT53UnDHbxfE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a40afb9bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/theground-up.com/ 227 B
1 KB 572ms
190ms XHR
application/json 52.92.224.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/theground-up.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.224.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2b6c16b65fb0f510a3b87578c630102bb968ca9727a7f4ed1a01ba4d067d5faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:32:13 GMT
Content-Encoding: gzip
x-amz-version-id: _rs3XTYXHDnYP176xlUNYEDFHY5tpD_c
x-amz-request-id: RE37RM5CSJKTZ3NB
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 183
x-amz-id-2: LWt73qayhWKLUtDyfTew8g93FstfKvz8Jst1ME7KHD9vqK5eiaZ/lZ8UFssG6OXPsA459hR+ng4=
Last-Modified: Tue, 12 Mar 2024 09:54:19 GMT
Server: AmazonS3
ETag: "7e0585152359984427c03dee801ae4f7"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://theground-up.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/theground-up.com/ 227 B
1 KB 561ms
204ms XHR
application/json 52.92.224.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/theground-up.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.224.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2b6c16b65fb0f510a3b87578c630102bb968ca9727a7f4ed1a01ba4d067d5faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:32:12 GMT
Content-Encoding: gzip
x-amz-version-id: _rs3XTYXHDnYP176xlUNYEDFHY5tpD_c
x-amz-request-id: J2EFXXWZX3J5AKX8
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 183
x-amz-id-2: ecG5mCHOJv5Q/XzCDWgtuhbibl+pcyzqSy/cUAArQHcHbLXzJlqzG7/mhpH9yyYJRcyBi3ykJAg=
Last-Modified: Tue, 12 Mar 2024 09:54:19 GMT
Server: AmazonS3
ETag: "7e0585152359984427c03dee801ae4f7"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://theground-up.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 490 KB
195 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&hl=en&onload=initRecaptchaV3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theground-up.com/
Origin: https://theground-up.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 14:56:27 GMT

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame 98F6 5 KB
2 KB 17ms
16ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_sumooymhhzxceqylpwcvbomuimypfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVQyV0Q3V1pvREZ4VncxWTVwRXVYN3FUcEs2Mlc3Smg3YVdMdVMyanZ6YmtNLU9yNm52Y2piWHFaYWRNS0hxUU9OSEt5dUpadlZEQ2FfdS0mY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNvbW1pdD1mYWxzZSZlbmFibGUtZnVuZGluZz1jcmVkaXQlMkNwYXlsYXRlciZkaXNhYmxlLWZ1bmRpbmc9Y2FyZCZjb21wb25lbnRzPWJ1dHRvbnMlMkNmdW5kaW5nLWVsaWdpYmlsaXR5JTJDbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJYQ2FydF9TUF9QQ1AiLCJkYXRhLXVpZCI6InVpZF9zdW1vb3ltaGh6eGNlcXlscHdjdmJvbXVpbXlwZmkifX0&env=production&scriptUID=uid_sumooymhhzxceqylpwcvbomuimypfi&version=1.58.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AT2WD7WZoDFxVw1Y5pEuX7qTpK62W7Jh7aWLuS2jvzbkM-Or6nvcjbXqZadMKHqQONHKyuJZvVDCa_u-&currency=USD&intent=capture&commit=false&enable-funding=credit%2Cpaylater&disable-funding=card&components=buttons%2Cfunding-eligibility%2Cmessages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a17793a04016eb52396740a06b0a7766063bbea2ebc597df7c634e8d2e5bf64f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theground-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 70168
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1524
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Thu, 14 Mar 2024 15:32:11 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-IeC2WtOSNZkQ8wVRBU4vPzgg0/o"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f5243637366c7
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f5243637366c7-0ad65fade68fa78d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f5243637366c7-ab8c7135a67f0f2d-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 24365, 0
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230040-FRA
x-timer: S1710430332.722364,VS0,VE8
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 27ms
27ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=theground-up.com&t=xo&v=5.0.429&source=payments_sdk&client_id=AT2WD7WZoDFxVw1Y5pEuX7qTpK62W7Jh7aWLuS2jvzbkM-Or6nvcjbXqZadMKHqQONHKyuJZvVDCa_u-&comp=buttons,funding-eligibility,messages&disableSetCookie=true&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

85e0e370a2d5f17e256f0742b6f93d0379b5986e35db74191d80d11633fe3558

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-esZvYlszgG+G1WhSY6httWZjpxCnfeDZ7Csh0ZwADwC+Dw3V' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-esZvYlszgG+G1WhSY6httWZjpxCnfeDZ7Csh0ZwADwC+Dw3V' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Mar 2024 15:32:11 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 68200
x-cache: HIT, MISS
paypal-debug-id: f5143449478a3
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4807
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230040-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f5143449478a3-316a7a5cd05735c7-01
x-timer: S1710430332.748187,VS0,VE10
etag: W/"36a2-zGZhk8wd7+rVQQ+x6QeRHqdOPDU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
25 KB 21ms
21ms Script
application/javascript 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gn1c9pf6hk?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 17:00:12 GMT
etag: W/"0x8DC41238D312F83"
vary: Accept-Encoding
x-azure-ref: 20240314T153211Z-nqvh1z725p5cb8uvpzss2380kn00000000rg00000001uqw4
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ffee7853-d01e-0027-3050-75391f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7ADB 45 KB
29 KB 67ms
32ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da42f5578deac3225b8b32a88affae95fd145c87f2506cf832f8d76faad9112c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wtu-cQY4RL0rvsntJafXYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theground-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Wtu-cQY4RL0rvsntJafXYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 15:32:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 98F6 417 KB
115 KB 19ms
19ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_sumooymhhzxceqylpwcvbomuimypfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVQyV0Q3V1pvREZ4VncxWTVwRXVYN3FUcEs2Mlc3Smg3YVdMdVMyanZ6YmtNLU9yNm52Y2piWHFaYWRNS0hxUU9OSEt5dUpadlZEQ2FfdS0mY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNvbW1pdD1mYWxzZSZlbmFibGUtZnVuZGluZz1jcmVkaXQlMkNwYXlsYXRlciZkaXNhYmxlLWZ1bmRpbmc9Y2FyZCZjb21wb25lbnRzPWJ1dHRvbnMlMkNmdW5kaW5nLWVsaWdpYmlsaXR5JTJDbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJYQ2FydF9TUF9QQ1AiLCJkYXRhLXVpZCI6InVpZF9zdW1vb3ltaGh6eGNlcXlscHdjdmJvbXVpbXlwZmkifX0&env=production&scriptUID=uid_sumooymhhzxceqylpwcvbomuimypfi&version=1.58.0&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b72eb89f388551b31c981bc6cdd82a53c6c3a4419aaeeeaf090d5461119095d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_sumooymhhzxceqylpwcvbomuimypfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVQyV0Q3V1pvREZ4VncxWTVwRXVYN3FUcEs2Mlc3Smg3YVdMdVMyanZ6YmtNLU9yNm52Y2piWHFaYWRNS0hxUU9OSEt5dUpadlZEQ2FfdS0mY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNvbW1pdD1mYWxzZSZlbmFibGUtZnVuZGluZz1jcmVkaXQlMkNwYXlsYXRlciZkaXNhYmxlLWZ1bmRpbmc9Y2FyZCZjb21wb25lbnRzPWJ1dHRvbnMlMkNmdW5kaW5nLWVsaWdpYmlsaXR5JTJDbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJYQ2FydF9TUF9QQ1AiLCJkYXRhLXVpZCI6InVpZF9zdW1vb3ltaGh6eGNlcXlscHdjdmJvbXVpbXlwZmkifX0&env=production&scriptUID=uid_sumooymhhzxceqylpwcvbomuimypfi&version=1.58.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fyBarScXp/vTDg6VRMH/HmWCcn5cGNhLoUfMISaK7BUJHK+H' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 14 Mar 2024 15:32:11 GMT
age: 855
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f6369531e641f
server-timing: "traceparent;desc="00-0000000000000000000f6369531e641f-babd00b410b1d811-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 116770
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230040-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6369531e641f-44535731096652d4-01
x-timer: S1710430332.857359,VS0,VE6
etag: W/"1c822-SP6P10r45gqSw/uqbnnw4PbrIEw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 119ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=theground-up.com&t=xo&v=5.0.429&source=payments_sdk&client_id=AT2WD7WZoDFxVw1Y5pEuX7qTpK62W7Jh7aWLuS2jvzbkM-Or6nvcjbXqZadMKHqQONHKyuJZvVDCa_u-&comp=buttons,funding-eligibility,messages&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DA) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 95344d0c69b44
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (ama/48DA)
traceparent: 00-000000000000000000095344d0c69b44-bed21331e4baf87f-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 14 Mar 2024 16:32:11 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
511 B 235ms
152ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AVRZRRCTPACC5Y-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AVRZRRCTPACC5Y-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=183049b5-5020-4eab-9dfc-5efce95ac279&fltp=analytics&mrid=VRZRRCTPACC5Y&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Flags&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1710430331857&g=-60&completeurl=https%3A%2F%2Ftheground-up.com%2Fflags%2F&disableSetCookie=true

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 14 Mar 2024 15:32:12 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d646b6be93c07
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230072-FRA
pragma: no-cache
correlation-id: d646b6be93c07
traceparent: 00-0000000000000000000d646b6be93c07-023a69560d121256-01
x-timer: S1710430332.950294,VS0,VE145
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 15:32:12 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 7ADB 55 KB
24 KB 25ms
8ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 12:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 12:57:39 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 7ADB 490 KB
194 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 14:56:27 GMT

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame 98F6 40 B
2 KB 187ms
187ms Fetch
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_3ddc89e639_mtu6mzi6mte&disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_sumooymhhzxceqylpwcvbomuimypfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVQyV0Q3V1pvREZ4VncxWTVwRXVYN3FUcEs2Mlc3Smg3YVdMdVMyanZ6YmtNLU9yNm52Y2piWHFaYWRNS0hxUU9OSEt5dUpadlZEQ2FfdS0mY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNvbW1pdD1mYWxzZSZlbmFibGUtZnVuZGluZz1jcmVkaXQlMkNwYXlsYXRlciZkaXNhYmxlLWZ1bmRpbmc9Y2FyZCZjb21wb25lbnRzPWJ1dHRvbnMlMkNmdW5kaW5nLWVsaWdpYmlsaXR5JTJDbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJYQ2FydF9TUF9QQ1AiLCJkYXRhLXVpZCI6InVpZF9zdW1vb3ltaGh6eGNlcXlscHdjdmJvbXVpbXlwZmkifX0&env=production&scriptUID=uid_sumooymhhzxceqylpwcvbomuimypfi&version=1.58.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 14 Mar 2024 15:32:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
edge-cache-tag: up-treatments-hash
x-cache: MISS, MISS
paypal-debug-id: f3312984616ab
server-timing: "traceparent;desc="00-0000000000000000000f3312984616ab-7464dd403b3d8cd2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 56
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230040-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f3312984616ab-5bf188590d61393c-01
x-timer: S1710430332.965901,VS0,VE179
etag: W/"28-xz7oeWVj/8B52QKKulWR9ZDQlKU"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: s-maxage=86400, max-age=0
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 custom.css
theground-up.com/var/theme/ 6 KB
2 KB 18ms
17ms Stylesheet
text/css 2606:4700:3035::ac43:9020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theground-up.com/var/theme/custom.css?1708220266
Requested by: Host: theground-up.com
URL: https://theground-up.com/var/resources/js/4da76758efc8fccfea037558e82c1c27ae334a1432ccc56b8cba1c1b22dd089e.js?1708220266
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c19b0882ec5e8524d1c45efab9b5efda6f25582f6a317eb22db74c57040f662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/flags/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84158
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jan 2024 15:56:45 GMT
server: cloudflare
etag: W/"65a00fbd-165e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRrvYDmIkcJ7HlEwRLuHHbb23K60Bme4Pc8myQ%2FJPtFX7gK1zN%2BQnQPKZ4Kfo4OG9njr3p23Mno0n%2B5u8eD5GWVIoAt0dAodenET40ToRzEbDKCpl8f%2Ba7kKwMBQxeoUybGT9%2B8q5UF7hHUoYk2u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 864550a6eee89bef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
296 B 348ms
139ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theground-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://theground-up.com
Date: Thu, 14 Mar 2024 15:32:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 0C98 55 KB
17 KB 14ms
14ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theground-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Thu, 14 Mar 2024 15:32:12 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Thu, 14 Mar 2024 16:32:12 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: cc161c775bba6
server: ECAcc (ama/48B6)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000cc161c775bba6-11b2853b789f84a0-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H3 200 Jeg7kAr-4pwBaYwYYQcOgo_iB5tAOGlBo34CkooCo7A.js Show response
www.google.com/js/bg/ Frame 7ADB 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Jeg7kAr-4pwBaYwYYQcOgo_iB5tAOGlBo34CkooCo7A.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25e83b900afee29c01698c1861070e828fe2079b40386941a37e02928a02a3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 10:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7355
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 10:46:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7ADB 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 215204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 19 Mar 2024 03:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7ADB 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 237949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 21:26:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7ADB 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 195635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 09:11:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7ADB 102 B
135 B 18ms
16ms Other
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 14 Mar 2024 15:32:12 GMT

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 0C98 18 B
211 B 171ms
170ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C49) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: ba4779d828559
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (dac/9C49)
traceparent: 00-0000000000000000000ba4779d828559-2a7f30223da5d3db-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 14 Mar 2024 15:32:11 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
166 B 166ms
166ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AVRZRRCTPACC5Y-1&page=muse%3Aoffer%3A%3A%3AVRZRRCTPACC5Y-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=183049b5-5020-4eab-9dfc-5efce95ac279&es=visitorInfoFlowStarted&mrid=VRZRRCTPACC5Y&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Flags&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1710430332114&g=-60&completeurl=https%3A%2F%2Ftheground-up.com%2Fflags%2F&disableSetCookie=true

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 14 Mar 2024 15:32:12 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 2ce4427f65afd
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230072-FRA
pragma: no-cache
correlation-id: 2ce4427f65afd
traceparent: 00-00000000000000000002ce4427f65afd-8441c67f6ba9a203-01
x-timer: S1710430332.116722,VS0,VE159
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 15:32:12 GMT

GET
H2

200

visit Show response
www.trustedsite.com/rpc/tmjs/theground-up.com/
Redirect Chain

https://www.trustedsite.com/rpc/tmjs/theground-up.com/visit?rand=1710430332126
https://www.trustedsite.com/rpc/tmjs/theground-up.com/visit?rand=1710430332126&hash=1710430332714

6 B
1000 B

176ms
176ms

Script
text/javascript

52.10.27.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/tmjs/theground-up.com/visit?rand=1710430332126&hash=1710430332714

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Server

52.10.27.76 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-27-76.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: Apache
x-trace: 2BE6B0584BACA440FFE0CCE248D6D0742CE396F1E0000000000000000000
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-type: text/javascript; charset=utf-8
content-length: 26

Redirect headers

date: Thu, 14 Mar 2024 15:32:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B335FD4FA2A97E87FC42B751B013EE8A405ED7D23000000000000000000
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-type: text/html; charset=utf-8
location: https://www.trustedsite.com/rpc/tmjs/theground-up.com/visit?rand=1710430332126&hash=1710430332714
x-robots-tag: noindex, nofollow
content-length: 135

GET
H2 200 205.svg
cdn.ywxi.net/meter/theground-up.com/ 20 KB
8 KB 157ms
157ms Image
image/svg+xml 2600:9000:26e8:2200:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/theground-up.com/205.svg?ts=1710237258349&l=en

Requested by

Host: theground-up.com
URL: https://theground-up.com/flags/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:2200:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Miss from cloudfront
content-length: 7400
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B76827A294B8FBB6C1B38FECFEA9CB46A3414A60A000000000000000000
content-type: image/svg+xml
cache-control: public
x-amz-cf-id: vreG3-bLyETM2_-8TqsJjnYUDLHkx6huaHiz65tuoJ0e0QZd28rWYg==
expires: Thu, 14 Mar 2024 16:32:12 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C61F 45 KB
28 KB 39ms
38ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: theground-up.com
URL: https://theground-up.com/var/resources/js/4da76758efc8fccfea037558e82c1c27ae334a1432ccc56b8cba1c1b22dd089e.js?1708220266

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53c57fc591eb7f7155d286183ec9b84d3bbf4efa6eeb509165e5f11f9d6035b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kKYvjh-DopM_W-E_d7G4NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theground-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kKYvjh-DopM_W-E_d7G4NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 15:32:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame C61F 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 12:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 12:57:39 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame C61F 490 KB
194 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 14:56:27 GMT

POST logger
www.paypal.com/xoplatform/logger/api/ Frame 98F6 0
0

GET
H3 200 Jeg7kAr-4pwBaYwYYQcOgo_iB5tAOGlBo34CkooCo7A.js Show response
www.google.com/js/bg/ Frame C61F 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Jeg7kAr-4pwBaYwYYQcOgo_iB5tAOGlBo34CkooCo7A.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25e83b900afee29c01698c1861070e828fe2079b40386941a37e02928a02a3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 10:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7355
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 10:46:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C61F 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 215204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 19 Mar 2024 03:45:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C61F 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 237949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 21:26:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C61F 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 195635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 09:11:37 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 0C98 435 B
1 KB 259ms
259ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a623e9819c3a4195e538927d245f5372a580858a60e0319b6f648bdd0eaee2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-6f5ttN97mI6Ov+4OkLWkLQTqgsk5bFrVTIBRiThjJivPjUPq' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-6f5ttN97mI6Ov+4OkLWkLQTqgsk5bFrVTIBRiThjJivPjUPq' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 14 Mar 2024 15:32:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f824070a296f2
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230040-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f824070a296f2-50a89f4a3477b20c-01
x-timer: S1710430333.505698,VS0,VE252
etag: W/"1b3-tDExUZHR9UJPL6kINaNPA9U+r2Q"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 195ms
178ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 14 Mar 2024 15:32:12 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f33129897e692
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f33129897e692-76f67cac40893cb8-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230048-FRA, cache-fra-eddf8230048-FRA
x-timer: S1710430332.326699,VS0,VE171

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C61F 102 B
135 B 17ms
16ms Other
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKc5QoAAAAAMcF6u3_X3ubFL8cqNnCoTI4pmii&co=aHR0cHM6Ly90aGVncm91bmQtdXAuY29tOjQ0Mw..&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=hrh83sz8udjg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 14 Mar 2024 15:32:12 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
296 B 412ms
218ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theground-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://theground-up.com
Date: Thu, 14 Mar 2024 15:32:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FAB3631285A943ECB0A9F47154D7DBC9&RedC=c.clarity.ms&MXFR=299EE146838C6B040BCDF504878C654D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAB3631285A943ECB0A9F47154D7DBC9&MUID=08486AD422D061A20C957E9623D0601E

42 B
464 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAB3631285A943ECB0A9F47154D7DBC9&MUID=08486AD422D061A20C957E9623D0601E
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 15:32:13 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 14 Mar 2024 15:32:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 009D94852FA94441BF984565DE19817D Ref B: FRAEDGE1922 Ref C: 2024-03-14T15:32:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAB3631285A943ECB0A9F47154D7DBC9&MUID=08486AD422D061A20C957E9623D0601E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
296 B 219ms
219ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theground-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://theground-up.com
Date: Thu, 14 Mar 2024 15:32:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5J3JNS8WHX&gtm=45je43b0v9108302482za200&_p=1710430331194&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1346265439.1710430331&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=2&cu=USD&sid=1710430331&sct=1&seg=0&dl=https%3A%2F%2Ftheground-up.com%2Fflags%2F&dt=Flags&en=view_item_list&_ee=1&pr1=idSKU-PR-4521-W~nm4%22%20x%205%22%20Flags%20with%2021%22%20Wire%20Staff%20-%20WHITE~caConstruction%20Flags%20%26%20Underground%20Utility%20Markers%2FFlags~brPresco~lp1~lncategory&pr2=idSKU-PR-4521~nm4%22%20x%205%22%20Flags%20with%2021%22%20Wire%20Staff%20-%20COLORED~caConstruction%20Flags%20%26%20Underground%20Utility%20Markers%2FFlags~brPresco~lp2~lncategory&pr3=idSKU-PR-4521-CUSTOM~nm4%22%20x%205%22%20Flags%20with%2021%22%20Wire%20Staff%20-%20CUSTOM%20PRINTED%20%26%20COLORED~caConstruction%20Flags%20%26%20Underground%20Utility%20Markers%2FFlags~brPresco~lp3~lncategory&ep.debug_mode=true&ep.item_list_name=category&_et=116&tfd=5915
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5J3JNS8WHX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theground-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 15:32:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theground-up.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
296 B 329ms
116ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theground-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://theground-up.com
Date: Thu, 14 Mar 2024 15:32:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 log Show response
www.paypal.com/credit-presentment/ 0
917 B 183ms
183ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log?disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://theground-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: application/json

Response headers

date: Thu, 14 Mar 2024 15:32:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f913488932598
server-timing: "traceparent;desc="00-0000000000000000000f913488932598-8449ae3eb1d30601-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230040-FRA
paypal-related-debug-ids
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f913488932598-97c070bb30ae9810-01
x-timer: S1710430342.872572,VS0,VE176
access-control-allow-origin: https://theground-up.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 log
www.paypal.com/credit-presentment/ Frame 0
0 197ms
197ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log?disableSetCookie=true&features=disable-set-cookie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://theground-up.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://theground-up.com
access-control-expose-headers: Server-Timing
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 14 Mar 2024 15:32:21 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f913488c82f3b
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f913488c82f3b-b914ce53f7cce7f4-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f913488c82f3b-0581a4e98d52fb1d-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230048-FRA, cache-fra-eddf8230048-FRA
x-timer: S1710430342.674830,VS0,VE190

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theground-up.com/flags	1969-12-31 23:59:59	Name: xcart_ga_session Value: 1710430331
.theground-up.com/	1970-01-20 19:17:15	Name: xid Value: PT6Vtb3rlYDjUQW07BeEORUsj56uEprz
.theground-up.com/	1970-01-20 19:07:13	Name: viewedResources Value: %5B%228916637c913fbcfd4ad51d383786b10b%22%2C%22206d2e1b4d7492710f67858d66689c29%22%2C%2219cd94e1f836ad26a79b41ba6c69a0ba%22%2C%22aa158f74163a1ff887cad4fa121440fe%22%5D
.theground-up.com/	1970-01-21 04:43:10	Name: _ga Value: GA1.1.1346265439.1710430331
.theground-up.com/	1970-01-21 04:43:10	Name: _ga_5J3JNS8WHX Value: GS1.1.1710430331.1.0.1710430331.60.0.0
www.clarity.ms/	1970-01-21 03:52:46	Name: CLID Value: 0aea5e6b7723454c9efc079110f5a13f.20240314.20250314
.theground-up.com/	1970-01-21 03:52:46	Name: _clck Value: 1rai34v%7C2%7Cfk2%7C0%7C1534
theground-up.com/	1970-01-20 19:08:36	Name: trustedsite_visit Value: 1
theground-up.com/	1970-01-20 19:07:10	Name: trustedsite_tm_float_seen Value: 1
.theground-up.com/	1970-01-20 19:08:36	Name: _clsk Value: 1a93uu2%7C1710430332348%7C1%7C1%7Ce.clarity.ms%2Fcollect
www.trustedsite.com/	1970-01-20 19:17:15	Name: AWSALBCORS Value: ZD/ej8WRwXXvLzEn+u78UByXFWOR02DeWDVgdrXwlwb2ixhR53Mf0zyZUh0/KcweOt/7XoI8QfmH2IxjNohOF5YEFiFDAajmSCOoytQ4fcLcl6laImlZaA+HXTXW
.bing.com/	1970-01-21 04:28:46	Name: MUID Value: 08486AD422D061A20C957E9623D0601E
.c.bing.com/	1970-01-20 19:17:15	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:28:46	Name: SRM_B Value: 08486AD422D061A20C957E9623D0601E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:28:46	Name: MUID Value: 08486AD422D061A20C957E9623D0601E
.c.clarity.ms/	1970-01-20 19:17:15	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:07:10	Name: ANONCHK Value: 0

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theground-up.com/flags/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.ywxi.net
cstatic.x-cart.com
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
s3-us-west-2.amazonaws.com
stats.g.doubleclick.net
t.paypal.com
theground-up.com
utilityflag.com
www.clarity.ms
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.trustedsite.com
www.paypal.com
151.101.1.21
151.101.129.35
192.229.221.25
20.62.48.180
2001:4860:4802:34::36
2600:9000:214f:0:19:d7e:67c0:93a1
2600:9000:26e8:2200:14:6bfc:5740:93a1
2606:4700:3035::ac43:9020
2620:1ec:bdf::42
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::2008
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9c
3.33.152.147
52.10.27.76
52.92.224.184
68.219.88.97
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07d2a4acab20c3fda02ceb3e7e1359c14bd1e9d4e022ffedb0b3627e24cd2ce1
0992346cd54b2d0228f8b81ea065466976fc86c0132deb7af95e2264920575ba
0c19b0882ec5e8524d1c45efab9b5efda6f25582f6a317eb22db74c57040f662
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0f62a9f76ba9060bccc590ca6a56be0d349541e73b48996b0113bf6d31f1fd06
11a7c0e1dbee0c377cd333c76ddfbafa149af46cd903fb407ecd00cda66038d1
17e5c93e17f8389271eaecd4d02715c987db78c01926e0ebb8e68f9e681c236a
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
1a623e9819c3a4195e538927d245f5372a580858a60e0319b6f648bdd0eaee2f
1b2e05dfaa141eb01aa690d4e27f4e363d22a9636de4bdff7883235023aa305a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
202d372cffb91ff15e9a50be3447686baa04f58bce3b355321b6b9659781080a
25e83b900afee29c01698c1861070e828fe2079b40386941a37e02928a02a3b0
2b6c16b65fb0f510a3b87578c630102bb968ca9727a7f4ed1a01ba4d067d5faa
2eba3fb1c25b942b8384e11d244775f392f95ed27d5a5aedd8396dfd19b9d23e
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ffa959a58b884531b2eb7d7ce4b63f5c3aa599b53257eee24b1959c3d0767ea
494aa95dbde2cf668b66797d70aae232f24196dae9f3ebb72ad1ebe9b31f3135
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
53c57fc591eb7f7155d286183ec9b84d3bbf4efa6eeb509165e5f11f9d6035b7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550e2f01717d8c44552dffec32155e5194eaa565731bcc28952a31f8ba4fdc16
563ed8cfea4c9d873da3aaaefbcee1eb629a784e523e6d673ab5307288ca68aa
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
685be2145873e38d3a182a6c2f6420a1db595652214c539f603cdf4ba88c5849
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b2faf2b1bdabee4bee92fc29d42c41819fd24dd044d84f2aaa291102b139abb
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
820042b266d72110690c938cc7a689dd5151d342d27ba18cbaf31816463ab65d
85e0e370a2d5f17e256f0742b6f93d0379b5986e35db74191d80d11633fe3558
8b72eb89f388551b31c981bc6cdd82a53c6c3a4419aaeeeaf090d5461119095d
8bbbbf62db6722ca2e5953cd5704a55122296fc0a7e9977973d7edc560713900
8f1e54ca954b72368876e44cf7db3de3a5b6e51788c82ca3fa938c7a91b58f07
91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb
9416fb5f887810752aa581ffadede201f9d50b8b4eee208311cf6191602e8fa8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a17793a04016eb52396740a06b0a7766063bbea2ebc597df7c634e8d2e5bf64f
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a56d2d848588826443bb7e70b9f09c887cf3b04bf05197547c03d03b904be14d
aa11e20c6182bb2e02a5d68e9c38ee6d80ea2cf353985f6170b048e7f2eb07e5
aff7fde596761e81a00794bff66fedeb68ba631dec08de21c1ca11cbea6c072d
b59f0a4a4f8ce5d9367f4d44b448326e3dd364626920823aef80d091cf0d8656
bb4c1a9688eda2741960073e2beef0ad720929b37817347327bbe1d80f33e8c1
c730c8186a90632fd88af24c0eb25792826001f382c64d6f97eb24d7945c094b
c98bcb6fbf4247534a2cb1c106e6f16372ba5845205aba896753e22de8835396
d0367760eb42404f2514e2eae6e52c511c100bc0bd5c1054da1ea6203acd2a70
da42f5578deac3225b8b32a88affae95fd145c87f2506cf832f8d76faad9112c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee85cdac67b72b3be07341b37b0ba2104a267969f81fb26421b0d63bd53ccdde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6a75525976e1adb1500f994a84bd54f4c26854af47d962c359c7bbcec4c49c3

theground-up.com Open in urlscan Pro 2606:4700:3035::ac43:9020 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

96 %HTTPS

62 %IPv6

16 Domains

21 Subdomains

20 IPs

4 Countries

1996 kBTransfer

6120 kBSize

18 Cookies

2 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theground-up.com Open in urlscan Pro
2606:4700:3035::ac43:9020 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

96 %
HTTPS

62 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

1996 kB
Transfer

6120 kB
Size

18
Cookies

79 HTTP transactions
0 data transactions